Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Linux Computers Not Being Profiled Correctly

This thread has been viewed 2 times

  • 1.  Linux Computers Not Being Profiled Correctly

    Posted Feb 12, 2019 03:08 PM

    A user reported having difficulty getting his Linux computer connected. I set up a test machine running the latest Ubuntu Desktop version and the OS was profiled as the NIC manufacture, not the the OS running on the box.

     

    Today, I have the user's device in my office and it is running Kubuntu and is doing the same thing, although it is a different NIC manufacturer than the one I tested with. They both appear to use the NIC vendor as the OS.

     

    Is there anything else that can be done to better detect the OS on systems running Linux? I haven't tested other Linux distributions.

    Thanks



  • 2.  RE: Linux Computers Not Being Profiled Correctly

    EMPLOYEE
    Posted Feb 12, 2019 03:11 PM
    Do you have IF-MAP configured on your controllers?


  • 3.  RE: Linux Computers Not Being Profiled Correctly

    Posted Feb 21, 2019 07:01 PM

    Tim, sorry for the delayed response. I don't think IF-MAP is enabled. Looking around a bit, it would seem that this feature requires web traffic to better identify devices. This seems like a good thing, but it seems like it would be a bit late in the connection process for what we are wanting to do. What we are wanting to do is not require the OnGuard agent on Linux systems, at least for now. The enforcement policy bypasses the OnGuard portal if the device is identified as a Linux device.

     

    Today we had a user with a Lenovo laptop running Ubuntu. Its OS was identified as "Intel" and received the OnGuard portal. I changed its info in the Endpoint repository to Ubuntu, he reconnected and was off to the races.