Security

Hi All,

Just double-check if these details below pertaining SNMP query probe are true,

especially under Remarks column, where it says 'can be triggered by SNMP trap'.

This table comes from my solution architect.

No	Profiling Methods	Active / Passive	Pre-requisite from Medical Device	Remarks	Conclusion	Challenges
1	SNMP query probe	Passive	Medical device supports LLDP to be able to be queried through switch	Not required if Device Sensor enabled. Configure SNMP at NAD settings in ISE / CPPM, and it will probe periodically, or it can be triggered upon RADIUS accounting start / SNMP trap	This probe mainly able to profile devices based on CDP or LLDP, especially IP camera, IP phones, infrastructure devices (such as AP).	This might not be feasible if CDP / LLDP is turned off

Hi,

SNMP trap was mandatory in earlier versions of ClearPass to profiler devices through NAD >> SNMP Read. But now it is just an option starting with 6.8.1.
You are good with periodic polling without traps.

Original Message:
Sent: Jul 01, 2022 11:32 PM
From: BERNHARD HUSTOMO
Subject: Profiling with SNMP query probe - Does it Require SNMP Trap ?

Hi All,

Just double-check if these details below pertaining SNMP query probe are true,

especially under Remarks column, where it says 'can be triggered by SNMP trap'.

This table comes from my solution architect.

No	Profiling Methods	Active / Passive	Pre-requisite from Medical Device	Remarks	Conclusion	Challenges
1	SNMP query probe	Passive	Medical device supports LLDP to be able to be queried through switch	Not required if Device Sensor enabled. Configure SNMP at NAD settings in ISE / CPPM, and it will probe periodically, or it can be triggered upon RADIUS accounting start / SNMP trap	This probe mainly able to profile devices based on CDP or LLDP, especially IP camera, IP phones, infrastructure devices (such as AP).	This might not be feasible if CDP / LLDP is turned off