Hi , I have a customer requirement.
DHCP fingerprinting is used which returns vendor , device category .os version etc.
The requirement is to have a fqdn in the profiling to see whether it's a domain machine or external machine when both internal and external hit the mab rule .
For valid internal user having machine certificates it will go for eap TLS
But if cert expired or corrupted , and internal user hit mab , how profiling segrgate it from an external user who also hit mab rule
The profiling method is DHCP.
I checked on Cisco ise which also has option of AD fingerprinting to get domain attribute .just checking if possible in cppm