Security

Reply
Highlighted
Frequent Contributor II

Guest Endpoint cleanup

Hi!

 

I've set guest account cleanup to 30days after expiry.

But I just noticed that their endpoints are sill kept in clearpass. I would like to clearnup those and remove them. They are set to status known since we use mac-caching.

 

But I don't want to remove known endpoints that actually use mac-auth for other stuff and are still active. So I guess I cannot use known endpoint clean up since that would remove also those devices.

 

I found another forum thread that was using a script and clearpass API for this. 

 

Is this the only valid solution right now ? Seems like somthing most people would like to do, remove old guest endpoints.


ACMP | ACCP
Guest Blogger

Re: Guest Endpoint cleanup

Your assumption is correct as far as I know. There is no option to only remove "known guest endpoints" in ClearPass. Creating a script to filter endpoints with the Guest ID attribute (write the ID to endpoint db) and remove those endpoints, is a valid scenario (for now).

 

@rene_booches | AMFX #26, ACMX #438, ACCX #725, ACDX #760, CCNP R&S, CEH | Co-owner/Solution Specialist@4IP / blog owner@booches.nl
Frequent Contributor II

Re: Guest Endpoint cleanup

ok, thanks just wanted to verify. Will write a script to do this.


ACMP | ACCP
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: