New Contributor

MAC Randomization - Will it use extra ClearPass licenses and/or cause excessive endpoint DB size?

We're seeing a small number of users enabling MAC randomization on our network. We have 4 25k VA CPPM servers. We recently added the 4th to accommodate usage.

I'm wondering if MAC randomization will start to use up more ClearPass licenses?

Also, regardless of the above, will I need to clean up my endpoint database more often being that a user technically could have a different MAC every day if not more?

 

I haven't looked into it too much at this point. Thought I'd post here while I research.

Guru Elite

Re: MAC Randomization - Will it use extra ClearPass licenses and/or cause excessive endpoint DB size

No, MAC address randomization that is enabled by default on some devices is only used prior to association to the network (during probing). When the client associates and is subsequently authenticated by ClearPass, the real MAC address is presented to the controller and thus ClearPass.

The one exception to this is Windows 10 can be configured to use a different MAC address per SSID. This is disabled by default and most people don’t even know how to turn it on, so it shouldn’t be an issue for you.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
New Contributor

Re: MAC Randomization - Will it use extra ClearPass licenses and/or cause excessive endpoint DB size

That is partly the case but not all of it. There is a setting to pick a new random MAC every day, and it is used to associate, not just for beaconing. We have some evidence of this. Again, still digging.
