We have open guest wifi open for several hours throughout the day. Our service provider sent us a note that someone is downloading torrents during this time. Is there a report or anything within Clearpass that I can get the IP or MAC?
Airwave and Clearpass does not record who is downloading torrents, because it does not know what that traffic looks like, unfortunately.
Can I get a historical report from Clearpass indicating bandwidth usage from a generated guest account??
Assuming you have accounting enabled, you can use Insight to generate the report. Navigate to the login screen of your CPPM server and you'll see the Insight link on the page.
We had this problem and had to put a Palo Alto firewall in service which does detect torrent traffic it just automatticly blocks traffic to that IP much easier then trying to figure it out with usage someone might be using a VPN connection which might looke like high traffic use to a bit torrent site.
We do have PA FW's as well.. unfortunatley, the user was on our Guest network which is a NAT'd IP so Palo had that field blank. We now block torrents for guest users just still trying to figure out any detailed info on it.
We are natting from the PA on the edge internet then to a small Aruba controller then GRE tunnel back to our local controllers accross our network. that way we can control what people are doing and the IP from end to end is in the same network but tunneld to the end user.
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.