Just dipping my tow into insight report generation
I am in the
the process of rolling out multi site NAC solution using clearpass and 2930 switches. Switches currently have static vlan/port assignements and inital NAC switch configurations will have auth-vid set to whatever VLAN a switch port is currenty statically assigned to. When clearpass processes an Access-Request its going to either return an Access-Accept packet with a named vlan if we have processed the device fingerprint to assign a role, or no vlan if we don't. The client device therefor will either be placed in a new (named) vlan or "stay where it is" .
I therfor need to generate an insight report for all devices that "stay wher they are" i.e. that have fingerprints we dont recognise ( have not assigned a role based upon what we see) and have sent bck a minimal Access-Accept packet.
Thought that inserting an endpoint attribute for devices that have an access-accept packet without a VLAN definition might be the way to go and then to generate a report listing all the endpoints that have that attribute present.
Guess simple question is can I generate an insight report listing all endpoints that contain a specific attribute?
Rgds
Alex
------------------------------
Alex Sharaz
------------------------------