Security


Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).

Pre-populate Endpoint database with Subnet / Endpoint Scan

  • 1.  Pre-populate Endpoint database with Subnet / Endpoint Scan

    Posted Feb 17, 2015 10:04 PM

    Is it possible to combine the actions of the subnet scan and the NMAP plugin to pre-populate the endpoint database without using an Alert on a service policy?

     

    It would be great for pre-scanning a network so that you know what device types to include in your role mapping / enforcement profiles. 



  • 2.  RE: Pre-populate Endpoint database with Subnet / Endpoint Scan

    Posted Feb 17, 2015 10:57 PM

    Also can you force start a subnet scan?



  • 3.  RE: Pre-populate Endpoint database with Subnet / Endpoint Scan
    Best Answer

    Posted Feb 18, 2015 12:01 AM

    Hey Scott,

     

    This and a lot of other things will be in 6.5.... you should have your hands on the code in the next few days :-)

     

    Does this help you?

     

    ClearPass_Policy_Manager_-_Aruba_Networks.jpg

     

     



  • 4.  RE: Pre-populate Endpoint database with Subnet / Endpoint Scan

    Posted Feb 18, 2015 06:53 PM

    Hi Danny,

     

    That's great news!

     

    Looking forward to 6.5 even more now!

     

    Scott



  • 5.  RE: Pre-populate Endpoint database with Subnet / Endpoint Scan

    Posted Feb 18, 2015 06:56 PM

    One more question: in 6.4, is there any way to validate a scan has taken place? I've set one up and I know there are devices on the subnet I'm scanning, but I've returned no results in the endpoint database.

     



  • 6.  RE: Pre-populate Endpoint database with Subnet / Endpoint Scan

    Posted Feb 18, 2015 09:46 PM

    Scott,

     

    The scan in 6.4 is an SNMP scan and the interval is in the cluster-wide settings [default 24 hours, minimum of 6 hours].... we should post a message to the event log when this runs, from memory....

     

    In 6.5 we are adding a lot more scanning options.... again hope some of this helps.....

     

    We can add multiple SNMP community strings to check; previously it was only public.... now we can add as many as required and specify their type: V2, V2c, V3, etc.

     

    We will also 

     

     

     



  • 7.  RE: Pre-populate Endpoint database with Subnet / Endpoint Scan

    Posted Feb 19, 2015 12:43 AM
    Thanks Danny!