Security

Hello,

I'm working with active and passive profiling, I'm managing a project where we need to pickup information about all devices connected to the NADs where we're going to implant CPPM Policies. I don't have any problem about the services, I've a service recollecting information and profiling devices but I've to make this job in many switches and I'd like to filter these output by NAD, in other words, in the CPPM's Endpoint section I'd like to filter by switch to check quickly the ports about CPPM has been able to recollect information.

Is there any way to make that? I've not fount any way to make a filter by NAD, the only thing that I've seen is the chance of make a filter by "location", I understand if I would send the location in the Radius requests of my NADs, this field could help me to filter the Endpoints, buy I think that there have to be any other form to make that.

Thank you very much.

Hi Adan,

for a very similar reason I use the following solution (Update Endpoint Profile):

Profile -> Endpoint Last Known Location = %{Connection:NAD-IP-Address} %{Radius:IETF:NAS-Port}

From now on, you can search your endpoint db via "Attribute" "Last Known Location".

Original Message:
Sent: Apr 11, 2021 05:43 PM
From: Adan Garcia
Subject: CPPM Profiling

Hello,

I'm working with active and passive profiling, I'm managing a project where we need to pickup information about all devices connected to the NADs where we're going to implant CPPM Policies. I don't have any problem about the services, I've a service recollecting information and profiling devices but I've to make this job in many switches and I'd like to filter these output by NAD, in other words, in the CPPM's Endpoint section I'd like to filter by switch to check quickly the ports about CPPM has been able to recollect information.

Is there any way to make that? I've not fount any way to make a filter by NAD, the only thing that I've seen is the chance of make a filter by "location", I understand if I would send the location in the Radius requests of my NADs, this field could help me to filter the Endpoints, buy I think that there have to be any other form to make that.

Thank you very much.

------------------------------
Adan Garcia
------------------------------

Hi,
You could cfeate an attribute when authenticating the device and assign the NAD IP address to it. That way in the endpoint  search facility 

you could search for your attriburte and the ip address of the device it came from

Rgds
Alex

------------------------------
Alex Sharaz
------------------------------

Original Message:
Sent: Apr 11, 2021 05:43 PM
From: Adan Garcia
Subject: CPPM Profiling

Hello,

I'm working with active and passive profiling, I'm managing a project where we need to pickup information about all devices connected to the NADs where we're going to implant CPPM Policies. I don't have any problem about the services, I've a service recollecting information and profiling devices but I've to make this job in many switches and I'd like to filter these output by NAD, in other words, in the CPPM's Endpoint section I'd like to filter by switch to check quickly the ports about CPPM has been able to recollect information.

Is there any way to make that? I've not fount any way to make a filter by NAD, the only thing that I've seen is the chance of make a filter by "location", I understand if I would send the location in the Radius requests of my NADs, this field could help me to filter the Endpoints, buy I think that there have to be any other form to make that.

Thank you very much.

------------------------------
Adan Garcia
------------------------------