Security

Reply
Highlighted
Aruba Employee

Re: Profiling for static IP

Well that's not accurate.

On-demand Static endpoint profiling require cppm to receive radius accounting with framed-ip address.

This can be done with Cisco and aruba switches that support ip device tracking.

Once the ip is updated for that radius session you can use Session notify enforcement to trigger the API to scan the endpoint with nmap \ SSH \ snmp methods.

 

 

Highlighted
Occasional Contributor II

Re: Profiling for static IP

Let me see...

I configure the SNMP to pull the arp table.

Clearpass gets notification about a new device

Clearpass try to profile using SNMP, doesn't work because it's a Windows PC

Clearpass try to porfile using WMI, but as this isn't a corporate computer, the credential doesn't work.

 

Is this correct? Only nmap checking the ports will work to profile the device?

Highlighted
Aruba Employee

Re: Profiling for static IP

Yes,

If passive fingerprinting fails then NMAP \ WMI is the way to go.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: