Hello,
I have a customer who asked me, if it is possible to add a 2nd factor to MAC authentication, as MAC addresses are quite easy to spoof. I tried an NMAP Scan, but there was no distinct result for some devices. As far as I know, snmp cannot be triggered from a service an runs only on a network scan.
I have red that a competing product (arp-guard) can check for https certificates. The cert is trusted on first use and then arp-guard checks against this certificate.
Is there a similar way in ClearPass?
Regards,
Marian