Security

 View Only
last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

When is Static IP TRUE in Endpoints database?

This thread has been viewed 15 times
  • 1.  When is Static IP TRUE in Endpoints database?

    Posted Aug 07, 2023 11:08 AM

    Working in a deployment i haven't setup myself. In th Endpoints database I notice quite a number of entries with Static IP TRUE.

    How does ClearPass determine an entry has a static IP / sets that attribute to True? I did notice that some layer 3 devices have the read ARP table option flagged, can that be it?

    The weirdest ones are where Static IP is TRUE, but there is no IP shown at IP Address. Is that logical somehow or probably something buggy?



  • 2.  RE: When is Static IP TRUE in Endpoints database?
    Best Answer

    Posted Aug 08, 2023 02:02 AM

    Hi,

    as far as i know ClearPass defines an IP to be static in case it does not "see" a corresponding dhcp request.

    Kind regards



    ------------------------------
    Martin
    ------------------------------



  • 3.  RE: When is Static IP TRUE in Endpoints database?

    Posted Aug 08, 2023 11:43 AM

    That is my understanding as well.  Also information from the switch itself via RADIUS Accounting or SNMP.




  • 4.  RE: When is Static IP TRUE in Endpoints database?

    Posted Sep 21, 2023 10:48 AM

    Thanks both.

    It makes sense although I had a hard time understanding in my environment how I would end up with Static IP true, but no known IP address. The environment heavily relies on DHCP and the places where static IPs are used there is ARP table reading to determine IP addresses.

    Still I think I found some corners of the network where the DHCP requests remain local. So that probably is the cause of the entries.