Dell Powerconnect W-ClearPass Virtual Appliances W-ClearPass Policy Manager 6. - Page 63
Configuration, MAC OUI, ActiveSync Plugin, CPPM OnGuard, SNMP
Configuration

Navigate to the Administrator > Network Setup > ClearPass page to configure ClearPass Onboard and ClearPass Guest to send the HTTP User Agent string to Profile. The screenshot below shows how the CPPM publisher and Profile nodes are configured in ClearPass Guest.

MAC OUI

MAC OUI can be useful in some cases to better classify endpoints. An example is Android devices, where DHCP fingerprints can only classify a device as generic Android but cannot provide more details about the vendor. By combining this information with the MAC OUI, the profiler can classify a device as HTC Android, Samsung Android, Motorola Android, etc. MAC OUI is also useful for profiling devices such as printers, which may be configured with static IP addresses.

ActiveSync Plugin

The ActiveSync plugin is software provided by Dell to be installed on Microsoft Exchange servers. When a device communicates with an Exchange server using the ActiveSync protocol, it provides attributes like device-type and user-agent. These attributes are collected by the plugin software and sent to the CPPM profiler. The profiler uses dictionaries to derive profiles from these attributes.

CPPM OnGuard

ClearPass OnGuard agents perform advanced endpoint posture assessment. They can collect and send OS details from endpoints during authentication. The profiler uses the os_type attribute from OnGuard to derive a profile.

SNMP

Endpoint information obtained by reading SNMP MIBs of network devices is used to discover and profile static IP devices in the network. The following information read via SNMP is used:

- sysDescr information from the RFC1213 MIB is used to profile the device. This is used both for profiling switches/controllers/routers configured in CPPM, and for profiling printers and other static IP devices discovered through SNMP or subnet scans.
- cdpCacheTable information read from CDP (Cisco Discovery Protocol) capable devices is used to discover neighbour devices connected to a switch/controller configured in CPPM.
- lldpRemTable information read from LLDP (Link Layer Discovery Protocol) capable devices is used to discover and profile neighbour devices connected to a switch/controller configured in CPPM.
- The ARP table read from network devices is used as a means to discover endpoints in the network.

Note that the SNMP-based mechanism is only capable of profiling devices if they respond to SNMP, or if the device advertises its capability via LLDP. When performing SNMP reads for a device, CPPM uses the SNMP Read credentials configured in Network Devices, or defaults to using SNMP v2c with the "public" community string.

Network Devices configured with SNMP Read enabled are polled periodically for updates, based on the time interval configured in Administration > Server Configuration > Service Parameters tab > ClearPass network services option > Device Info Poll Interval.

Dell Networking W-ClearPass Policy Manager 6.0 | User Guide 63
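The MAC OUI refinement described in the MAC OUI section, sketched in Python as an added example (not code from the manual or from CPPM). The OUI table is a constructed sample with made-up prefixes, the function names are hypothetical, and skipping locally administered addresses is an assumption about how a profiler should treat MACs that carry no vendor OUI.

```python
import re

# Constructed OUI table for illustration; these prefixes are NOT real IEEE assignments.
SAMPLE_OUI_VENDORS = {
    "001122": "Samsung",
    "00AABB": "HTC",
    "00CCDD": "Motorola",
    "00EEFF": "ExamplePrint",  # hypothetical printer vendor
}

def normalize_mac(mac):
    """Return 12 uppercase hex digits; raise ValueError on malformed input."""
    digits = re.sub(r"[:.\-]", "", mac.strip()).upper()
    if not re.fullmatch(r"[0-9A-F]{12}", digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits

def oui_vendor(mac, table=SAMPLE_OUI_VENDORS):
    """Vendor for a MAC, or None when the OUI is unknown or has no vendor meaning."""
    digits = normalize_mac(mac)
    first_octet = int(digits[:2], 16)
    # Bit 0x02 marks a locally administered address (randomized or manually set),
    # bit 0x01 a group address. Neither carries a vendor-assigned OUI.
    if first_octet & 0x03:
        return None
    return table.get(digits[:6])

def classify(mac, dhcp_category=None):
    """Refine a DHCP-fingerprint category with the OUI vendor.

    dhcp_category is the generic class from the DHCP fingerprint (e.g. "Android"),
    or None for a static-IP device that never sent a DHCP request.
    """
    vendor = oui_vendor(mac)
    if dhcp_category and vendor:
        return f"{vendor} {dhcp_category}"        # e.g. "Samsung Android"
    if dhcp_category:
        return f"Generic {dhcp_category}"         # fingerprint only
    if vendor:
        return f"{vendor} device (OUI only)"      # static-IP device such as a printer
    return "Unknown"
```

Because the MAC address is supplied by the endpoint itself, a profile derived this way is a classification hint and not proof of device identity.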