Security

Just defined a generic NMAP service in CPPM 6.8.1 and added it to our (dev) eduroam, wired dot1x wired macauth services.

NMAP set up using defautls, port scan and detect operating system

So, for a macauth of a Windows VM  that cppm fingerprint says is a win 10  system, nmap audit sayts its "Microsoft Windows Server 2008 SP1 or Windows Server 2008 R2"

Another system that the fingerprint says is :"Windows" NMAP thinks is XP SP2, whoichI doubt 

As a 1st stab at using NMAP, doesn't instill a lot of confidence 

Pointing it at my macOS desktop ( 10.14.x) it says 

Appreciate theres gonig to be . a bit of a learning curve here , but initial glance says ... why would I use this ?

A

But they are there and there's nothing to say you shouldn't use them ... and I can;t see anything in the release notes to say its depreciate ... but I might have missed it

Was just trying to see why we have a whole batch of mac addresses with Device name="Windows"  and not "Windoews 7" or 8 or 10  or whatever

Hi!

I was looking to implement client audit with nmap as a part of my wired mac-auth service.

Is this correct, nmap is deprecated ?

been told it is depreciated by Tim C

Is this Aruba pushing Device Insights (is it available soon?) or are there plans to support some other methods? We have clients with static IPs that don't respond to LLDP, so wondering how to fingerprint those

No this was me trying to use what's available in CPPM but it's . depreciated.

Hopefully real soon now I'[ll have a device insight box to play with for a while

NMAP is available as an endpoint context server action. Only the "Audit" feature was deprecated.

How would I use the endpoint context action ? In an enforcement something like this ?

Found this forumpost:

Is this bug resolved ?