Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

does ClearPass pickup DHCP requests on publisher and subscribers?

This thread has been viewed 5 times

  • 1.  does ClearPass pickup DHCP requests on publisher and subscribers?

    Posted May 21, 2015 08:17 AM

    couldn't find it for sure although this article* seems to indicate it should, so should a subscriber also pickup DHCP requests send to it and add them to the end point repository?

     

    *) http://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/What-is-the-limitation-in-ClearPass-for-DHCP-based-profiling/ta-p/216413



  • 2.  RE: does ClearPass pickup DHCP requests on publisher and subscribers?

    EMPLOYEE
    Posted May 21, 2015 08:23 AM
    They can all process them, but only the publisher can write the info to the database.


    Thanks,
    Tim


  • 3.  RE: does ClearPass pickup DHCP requests on publisher and subscribers?

    Posted May 21, 2015 01:15 PM

    Tim thanks for the reply. So you are saying that the subscribers can receive them but don't act on them in anyway?



  • 4.  RE: does ClearPass pickup DHCP requests on publisher and subscribers?
    Best Answer

    EMPLOYEE
    Posted May 21, 2015 01:16 PM
    They essentially process them and forward them to the publisher.


  • 5.  RE: does ClearPass pickup DHCP requests on publisher and subscribers?

    Posted May 21, 2015 01:20 PM

    ok, so DHCP requests which via a DHCP relay are send to a subscriber will end up in the endpoint repository (picked up by subscriber then forwarded to publisher which adds it)?



  • 6.  RE: does ClearPass pickup DHCP requests on publisher and subscribers?

    Posted May 21, 2015 02:22 PM

    As Tim eluded to in an earlier post on this thread..... SUBs can receive DHCP forwarded messages, it will however just forward them to the PUB and then the PUB consolidates all this info, which can come from different profiling sources... DHCP, OUI, HTTP-Agent, TCP Fingerprinting, Cisco sensor etc. and then processes this data and uses as discussed in my below technote to come up with a fingerprint that is the most specific and the most 'trust-worthy' and then syn'c this back to the cluster.

     

    ClearPass Profiling TechNote V1.1.pdf 



  • 7.  RE: does ClearPass pickup DHCP requests on publisher and subscribers?

    Posted May 21, 2015 02:29 PM

    thanks you both, was confused as it seemed the subscriber wasn't picking up DHCP requests, well nothing got added to the endpoint database. but perhaps i was just a little impatient.

     

    will test some more.