last person joined: 9 minutes ago 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

Device Insight and SPAN

This thread has been viewed 5 times
  • 1.  Device Insight and SPAN

    Posted Jul 09, 2021 02:53 PM
    The CDI implementation guide says to configure a span session on the the switches/controllers to send traffic to CDI.

    My customer is using Aruba switches and is running into an issue with the limitation of only 4 mirror sessions. So I was thinking that instead of sending the mirrored vlans to the collector, to just tag all the vlans on the port's going to the collectors. Will that work?

    I just saw this enhancement.....I just saw this enhancement.....

    Polling of Network Access Devices Without the Need for Span Port

    so my question above may be moot. So what kind of polling is the collector doing of the NAD's?



  • 2.  RE: Device Insight and SPAN

    Posted Jul 10, 2021 03:05 AM
    Mirroring a 'trunk port' with multiple tagged VLANs into the CPDI collector is supported, and what I typically recommend. The collector is VLAN tag aware, and you can in the monitor even see which VLANs are active and have how much traffic.

    For the Polling of Network Access Devices feature, there is some more extensive explanation in the documentation. It's under the June 2020 updates.

    Herman Robers
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.