Security

 View Only
last person joined: 18 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).

cppm profiler conflict clash

This thread has been viewed 2 times
  • 1.  cppm profiler conflict clash

    MVP EXPERT
    Posted Sep 06, 2023 05:26 AM

    H,

    cppm 6.11.4

    2930 f/w wc.16.11.13

    I have a network with switches configured to use  fingerprint collectors for dhcp, http and lldp. I'm not using  udp forwarding at a router endpoint as im trying to move towards switches dealing with the fingerprint function, especialy with the CX 10.12 / cppm 6.11.4 ability to pass fingerprint data via RADIUS accounting packets.

    While this works fine for most devices, for some  managed windows devices  I have a primary fingerprint that says its an unknown device with the os family of the mac oui  manufacturer but then an other category/other os faily/other device name of Computer/Windows/Windows 10/11

    I then have to manually  decide what to do with the device. This isn't bad when you have 1 or 2 devices but when. you have 100's its a bit of a pain.

    Has anyone. seen this sort of thing?  there is a device-fingerprint  timer setting on the arubaos-s switch that defines how often the switch sends data to cppm but  its a bit difficult to track down whsats going wrong, especially if you dont actually have access to a windows device thats seeing the issue. I've also got another set of windows devices that work just fine

    A