![]() Repeat this procedure for additional entries if needed. Specify the parameters in the SSH Configuration page as described in the following table, then click Save Entry.Įnter the username for the device or subnet specified.Įnter the password for the device or subnet specified.Įnter the Enable password, then reenter the password in the Enable Password Verify field. Navigate to Configuration > Profile Settings. These credentials are used when an SSH scan is initiated. The SSH configuration can be for a single IP address or a subnet. To configure SSH credentials for a network discovery scan: These credentials are organized in the order in which they were created. You can configure multiple user names and passwords. When SSH is found for an IP address or subnet, Network Discovery looks for any Linux server or machine associated with that IP address or subnet. Optionally, enter a description of this SNMP configuration (recommended).Įnter the community string, then reenter the community string in the Verify field.įor Linux server or network device discovery, specify SSH (Secure Shell) configuration credentials. When you initiate the network discovery scan, ClearPass will use the SNMP configuration to fetch the network device information for discovered devices.įrom the drop-down, select the appropriate SNMP version. For multiple entries, separate multiple IP addresses with commas. When finished, click Save Entry, then click Save.Įnter either one or more IP subnets or one or more IP addresses. Specify the SNMP Configuration parameters as described in Table 1. The Profile Settings > SNMP Configuration page opens. Navigate to Configuration > Profile Settings, then select the SNMP Configuration tab. An SNMP-based scan sends an SNMP request to retrieve the network device information. SNMP Credentials Configurationįor network device discovery, specify SNMP Read credentials. These credentials are used during Network Discovery or an On-Demand subnet scan to profile Linux servers and machines (SSH credentials), Windows servers and machines (WMI credentials), and network devices (SNMP). You must configure SNMP, SSH, and WMI credentials for the devices that you want to discover as part of the network scan. Review the set of discovered devices and view the connected endpoints and neighbors. Import the discovered network devices into ClearPass. Network Discovery High-Level TasksĬonfiguring Network Discovery consists of these major tasks: 1.Īdd the configurations (SNMP, SSH, or WMI) needed to query all the devices in the target network. This information will be displayed in the ClearPass Insight Endpoint reports. Services and processes running on an Endpointĭuring the subnet scan, Network Discovery and the OnConnect domain-joined Windows client will be queried to retrieve all the services and processes running on the endpoint. For more information, see Viewing Details on a Discovered Device. Other network devices connected to the seed device as determined by neighbor discovery protocols such as Cisco Discovery Protocol (CDP) and Link Layer Discovery Protocol (LLDP) (if enabled in your network).Įach of the discovered neighbor network devices are further queried as seed devices this is repeated for multiple levels in your network up to a specified scan depth. For more information, see Viewing Discovered Endpoints. These endpoints are probed further in an attempt to profile those devices. The ARP table provides information about MAC address > IP associations for endpoints that were recently seen by this device. When this option is enabled, the scan also probes all available ARP entries. ĬlearPass supports Address Resolution Protocol (ARP) probes for network discovery scans. Information about endpoints connected to the network device (typically MAC addresses of endpoints connected to switch ports). For more information, see WMI Credentials Configuration. įor Windows device discovery, specify WMI (Windows Management Instrumentation) credentials. For more information, see SSH Credentials Configuration. įor Linux server or network device discovery, specify SSH configuration credentials. For more information, see SNMP Credentials Configuration. The following information is read from the seed device: Īn SNMP description is necessary for discovering and profiling the network devices. Network Discovery uses a configured seed network device (typically a switch, router, or controller) to discover endpoints and network devices. Importing and Viewing Discovered Network DevicesĬonfiguring Nmap-Based Endpoint Port Scans This section provides the following information: Īdding the Configurations to Query Seed Devices ![]() Open topic with navigation Profiler and Discovery: Network Discovery Profiler and Discovery: Network Discovery
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |