Hi
This can be implemented with the Endpoints repository instead. In a large environment, the Insight database may not be active on all servers. Instead, the Insight DB only exists on a few servers.
The process I usually utilize in this scenario is to have an enforcement profile writing a time stamp to the Endpoints database, the same type as utilized for guest and MAC caching, but to a custom attribute.
During the MAC auth this attribute is checked for the authorization of the client.
------------------------------
Best Regards
Jonas Hammarbäck
MVP Guru 2024, ACEX, ACDX #1600, ACCX #1335, ACX-Network Security, Aruba SME, ACMP, ACSA
Aranya AB
If you find my answer useful, consider giving kudos and/or mark as solution
------------------------------
Original Message:
Sent: Mar 25, 2024 07:33 AM
From: alexs-nd
Subject: using insight queries as part of the enforcement process
We have a number of domain-joined Windows machines that normally perform EAP-TLS auth to connect to our wired network.
Occasionally an end user can instigate an elective rebuild to rebuild their system. As this is a Windows rebuild, there's a possibility that there will be a MAC auth in the middle of the rebuild (rebuilding the machine means that it needs to wait for a GPO push for a new cert), in which case the device will get dropped into our captive portal VLAN and the rebuild will fail.
Can I use Insight as part of the auth/process so that if a MAC address has performed an EAP-TLS within a given time interval I can push a different enforcement policy to enable the rebuild to continue?
I can push an attribute into Endpoints indicating last EAP-TLS auth time and use that, but just wondering if using Insight to find the last TLS auth might be a solution.
A
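The timestamp approach described in the reply above, modelled in Python as an added example (it is not ClearPass configuration and not code from either poster). The attribute name, the four-hour window and the two profile names are assumptions made for illustration.

```python
from datetime import datetime, timedelta, timezone

GRACE = timedelta(hours=4)     # assumed window; short, since MAC auth is weaker than EAP-TLS
ATTR = "Last-EAP-TLS-Auth"     # hypothetical custom endpoint attribute
ALLOW, DENY = "rebuild-access", "captive-portal"   # hypothetical profile names


def norm_mac(mac: str) -> str:
    """Reduce any common MAC notation to 12 lowercase hex digits."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits


class EndpointStore:
    """Stand-in for an endpoint repository keyed by MAC address."""

    def __init__(self):
        self._attrs = {}

    def record_eap_tls(self, mac: str, now: datetime) -> None:
        # Post-authentication step on EAP-TLS success: stamp the endpoint.
        self._attrs.setdefault(norm_mac(mac), {})[ATTR] = now.isoformat()

    def decide_mac_auth(self, mac: str, now: datetime) -> str:
        # Authorization step during MAC auth: read the stamp, fail closed.
        raw = self._attrs.get(norm_mac(mac), {}).get(ATTR)
        if raw is None:
            return DENY                      # never seen doing EAP-TLS
        try:
            age = now - datetime.fromisoformat(raw)
        except (ValueError, TypeError):
            return DENY                      # unparsable or naive timestamp
        # A negative age means the stamp is in the future (clock skew or a
        # bad write); treat it as invalid rather than as "recent".
        return ALLOW if timedelta(0) <= age <= GRACE else DENY


if __name__ == "__main__":
    # Constructed sample data.
    t0 = datetime(2024, 3, 25, 7, 0, tzinfo=timezone.utc)
    store = EndpointStore()
    store.record_eap_tls("AA-BB-CC-11-22-33", t0)
    for mac, when in [("aa:bb:cc:11:22:33", t0 + timedelta(hours=1)),
                      ("aabb.cc11.2233", t0 + timedelta(hours=5)),
                      ("00:11:22:33:44:55", t0 + timedelta(hours=1))]:
        print(mac, store.decide_mac_auth(mac, when))
```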