Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

How do I expiring unused mac address automatically? where is last use mac data?

This thread has been viewed 2 times

  • 1.  How do I expiring unused mac address automatically? where is last use mac data?

    Posted Feb 17, 2015 10:10 PM

    Thanks everyone. very thanks.

     

    It's almost final-stage. I made external db for MAC sync, external web based manager-tool for monitoring mac address log-using appexternal!- with out CPPM root login. :)

     

    Finally, I need to expire unused mac address automatically. (during 6 month or 1 year)

     

    My scenario is... check 'last used date' and drop that mac-address from my external DB.

     

    Where do I find last used date mac-address from my aruba systems? in CPPM? in Airwave?


    ps: Anyone using CPPM with external DB like me? I need to more and more information especially in compliance, please email me.

    thank very much.



  • 2.  RE: How do I expiring unused mac address automatically? where is last use mac data?

    EMPLOYEE
    Posted Feb 17, 2015 10:14 PM
    You'd likely need to send syslog authentication records to your external
    server and create a script that analyzes when a MAC address authenticates
    and then remove it from your database. There is nothing inside of ClearPass
    or the controllers that would do this for you as it's an external source.


  • 3.  RE: How do I expiring unused mac address automatically? where is last use mac data?

    Posted Feb 17, 2015 10:27 PM

    Hi, Cappalli

    Thanks.

     

    Maybe external using from CPPM or controller is impossible, I will try monthly automatic backup/download from my Linux box from CPPM and Airwave using curl or another tool. It's enough to check in a month.


    Many of compliance needs to expiring unused auth methods, I think 'backup of CPPM' (it's Postgress DB), has some last used mac address log. there is many tips_end~~~ view and table.

    How about this scenario?



  • 4.  RE: How do I expiring unused mac address automatically? where is last use mac data?

    EMPLOYEE
    Posted Feb 17, 2015 10:31 PM
    Why not just import your list of MAC addresses to the endpoints repository? 


    Thanks, 
    Tim


  • 5.  RE: How do I expiring unused mac address automatically? where is last use mac data?

    Posted Feb 17, 2015 10:56 PM

    Thanks,

     

    It's for management and security reason. The MAC address is very dynamic and massive.

     

    Our office needs to sync mac-auth globally, then I made external DB for sync mac-address between offices. It's very simple and convinient

    And If using endpoint repository everyone login in CPPM with administrative privileges. So I made view and insert DB system for our MAC-AUTH.

    Is it possible to expiring unused mac-address with endpoins repository? Sorry, I'm not familiar CPPM operating environment, give me expiring unused macaddress best practice with endpoins?

    May be I'll find some hints from that.

    thanks.