Security

Reply
New Contributor

RE: clear pass analytics capability (or Aruba in general)

hi,
we have installed Controller, Airwave and ALE which is all working fine.
We are currently looking at social wifi by Aruba clear pass.

We are concerned about its analytics capability.

From the documentation we are unsure about how to track:

(sorry, this is one of our requirements)

 

* client MAC using which AP mac to login to which site , and the site credential

(facebook, twitter handle) and the time.

* Statistic count and hours of online users who continue to browse during the day, ability to showcase when are the peak hours and non peak hours

* Top ten listing of most visited sites on daily/weekly basis

* Ability to work with VLAN based zoning with relevant statistic to display area of usage and history

 

and lastly:

* Ability to define and manage custom bandwidth profiles for different classes of wifi users.

 

 

 

Aruba clear pass experts please help , thanks

 

 

 

Aruba

Re: RE: clear pass analytics capability (or Aruba in general)

#1 Clearpass is a AAA tacaacs system. Is not designed to be an antilitlcs systems. There are many third party systems that already do that so it is not a major road plan item today and you will need to offload the data. 

 

That being said you will still get alot of the information that you are looking for but you are better off Sysloging all the data off to a third party system to crunch the data. 

 

See below for answers

 


apoapoapoapo wrote:

hi,
we have installed Controller, Airwave and ALE which is all working fine.
We are currently looking at social wifi by Aruba clear pass.

We are concerned about its analytics capability.

From the documentation we are unsure about how to track:

(sorry, this is one of our requirements)

 

* client MAC using which AP mac to login to which site , and the site credential

(facebook, twitter handle) and the time.

 

With the social login built into CPPM you can track the mac/IP/and site and email that was used to login.

 

* Statistic count and hours of online users who continue to browse during the day, ability to showcase when are the peak hours and non peak hours

 

Clearpass is not a DPI system and it does not sit in line with the packets. You can record when they connected and how long they were on, but it will not tell you if data was passed at certian times. It can only give you a cumlitive data usage.

 

* Top ten listing of most visited sites on daily/weekly basis

 

Same as last question

 

* Ability to work with VLAN based zoning with relevant statistic to display area of usage and history

 

Again the data is all there you will just need to syslog the data off, also you should be able to get alot of that data out of airwave.

 

and lastly:

* Ability to define and manage custom bandwidth profiles for different classes of wifi users.

 

Yes

 

 

 

Aruba clear pass experts please help , thanks

 

 

 


 

Thank You,
Troy

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.
Guru Elite

Re: RE: clear pass analytics capability (or Aruba in general)

You can configure ClearPass to send data to services like Loggly which can aggregate the data and provide charts and reports.

For example, I have social network, ap location, mac address, device type and authentication time being sent to Loggly where I have created custom dashboards showing unique users per hour, device breakdown and social network breakdown.

This is the beauty of ClearPass Exchange and open APIs.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
New Contributor

Re: RE: clear pass analytics capability (or Aruba in general)


tarnold wrote:

#1 Clearpass is a AAA tacaacs system. Is not designed to be an antilitlcs systems. There are many third party systems that already do that so it is not a major road plan item today and you will need to offload the data. 

 

That being said you will still get alot of the information that you are looking for but you are better off Sysloging all the data off to a third party system to crunch the data. 

 

See below for answers

 


apoapoapoapo wrote:

hi,
we have installed Controller, Airwave and ALE which is all working fine.
We are currently looking at social wifi by Aruba clear pass.

We are concerned about its analytics capability.

From the documentation we are unsure about how to track:

(sorry, this is one of our requirements)

 

* client MAC using which AP mac to login to which site , and the site credential

(facebook, twitter handle) and the time.

 

With the social login built into CPPM you can track the mac/IP/and site and email that was used to login.

 

* Statistic count and hours of online users who continue to browse during the day, ability to showcase when are the peak hours and non peak hours

 

Clearpass is not a DPI system and it does not sit in line with the packets. You can record when they connected and how long they were on, but it will not tell you if data was passed at certian times. It can only give you a cumlitive data usage.

 

* Top ten listing of most visited sites on daily/weekly basis

 

Same as last question

 

* Ability to work with VLAN based zoning with relevant statistic to display area of usage and history

 

Again the data is all there you will just need to syslog the data off, also you should be able to get alot of that data out of airwave.

 

and lastly:

* Ability to define and manage custom bandwidth profiles for different classes of wifi users.

 

Yes

 

 

 

Aruba clear pass experts please help , thanks

 

 

 


 


 

 

Thanks both, your replies were very userful to us. I assume I can find syslog options

under Administrator tab ? I am looking at this documentation from Aruba titled

"How-To: ClearPass Guest Social Logins"   but havn't seen anything about logging yet.


 

thanks

 

 

Guru Elite

Re: RE: clear pass analytics capability (or Aruba in general)

There's not documentation for what I did right now.

You use the Loggly's XML API to send the data after each social authentication. I'll post a sample later when I'm near my laptop.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Contributor II

Re: RE: clear pass analytics capability (or Aruba in general)

we use Splunk to produce and consolidate all this info . You get this syslog info out of ClearPass via export filters. If there is something the standard ones don't give you, you can write your own. Fairly simple process. Also ask your partner/contact about the Splunk tools Aruba are working on. They are well worth a look
Moderator

Re: RE: clear pass analytics capability (or Aruba in general)

I posted the ClearPass for Splunk App to the Splunk App Store about two weeks ago.

https://apps.splunk.com/app/1895/


If you get to try it out, send me any feedback you have.



Please excuse my errors as sent using my small useless keyboard on my smartphone.

Best Regards
-d

Snr Tech Marketing Engineer - ClearPass

-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: