Hi,
I've done a fair amount of fingerprint work within clearpass including custom fingerprint creation, but one thing that nevern seems to be right is identifying windows machines.
We have a site that ive been told is predominately windows 10 ( few surface devices and an aging Vista/7/2008 device).
all these clients perform eap-tls
looking at the client cert the certs are issued by a windows pki and the cert name reflects its position in AD
.... ou="Windows 10,ou=<windows build number> ......
looking in clearpass i can see all the cert info and everything tells me that its a win 10 machine ..... except the fingerprint comes back with a device name of "windows" and not "windows 10"
Loking at the (6.5) Aruba os mobility controller, it also tells me a device is win 10
just clearpass tells me that its device name is Windows
can have 2 devices both with the same build number of windows 10 ( granted that doesn t necessarily mean it is a win 10 device, only its place in AD) and one is identified as win 10 and one as windows
Were only using the dhcp collector at present and no user agent string
and yup the dhcp options are different for win 10 flagged devices compared to "windows" flagged devices (dhcp_options has more values)
so in theory can have 2 devices with build 17xx and i get one of each
cppm running latest fingerprint info (2.80) but the cppm version i 6.7.x
So how come an aging mobility controller can recognise a win 10 device and bleeding edge clearpass cant ?
A
------------------------------
Alex Sharaz
------------------------------