Welcome to the Cisco Networking Professionals Ask the Expert conversation. This is an opportunity to get information about deploying NAC Profiler within a NAC Appliance solution with Cisco expert James Burke. James has been with Cisco Systems for more than four years. Currently he works as a technical marketing engineer for the endpoint security business unit. James was primarily responsible for NAC Profiler.
Remember to use the rating system to let James know if you have received an adequate response.
James might not be able to answer each question due to the volume expected during this event. Our moderators will post many of the unanswered questions in other discussion forums shortly after the event. This event lasts through February 27, 2009. Visit this forum often to view responses to your questions and the questions of other community members.
You will need 1 NAC Profiler Appliance and one Collector license to enable Collector services on your existing NAC Server.
I would like to know whether you have any document or list of syntax for endpoint profiling on printers? I mean like the search data for the DHCP Client vendor, etc.
Hi, we have several canned profiles built into Profiler already. Most profiles are based on well-known ports that print servers will use and DHCP vendor information that the manufacturer has included for DHCP requests.
We don't keep a documented list today. You can, however, create your own Profile by "sniffing" the DHCP traffic from the printer and matching the vendor information on the request and offer.
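An added illustration of the approach described in the answer above (not part of the original thread and not Cisco's Profiler code): it walks the options of a client DHCP message, extracts the vendor class identifier (option 60), and matches it against profile rules. The rule names, patterns, MAC address and sample packet are constructed assumptions.

```python
import re
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"   # marks the start of DHCP options (RFC 2131)
OPTIONS_OFFSET = 236                  # fixed BOOTP header length before the cookie
# Hypothetical profile rules: profile name -> regex over the vendor class (option 60).
PROFILE_RULES = {
    "printer-hp": re.compile(r"^Hewlett-Packard JetDirect", re.I),
    "printer-generic": re.compile(r"printer|print server", re.I),
}

def parse_dhcp_options(payload: bytes) -> dict:
    """Return {option_code: raw_bytes} from a DHCP message (UDP payload)."""
    if payload[OPTIONS_OFFSET:OPTIONS_OFFSET + 4] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    opts, i = {}, OPTIONS_OFFSET + 4
    while i < len(payload):
        code = payload[i]
        if code == 255:          # End option
            break
        if code == 0:            # Pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(payload):
            raise ValueError("truncated option header")
        length = payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option value")
        opts[code] = opts.get(code, b"") + value   # RFC 3396: join split options
        i += 2 + length
    return opts

def profile_endpoint(payload: bytes):
    """Return (mac, vendor_class, profile or None) for one client DHCP message."""
    opts = parse_dhcp_options(payload)
    mac = payload[28:28 + payload[2]].hex(":")     # chaddr, trimmed to hlen bytes
    vendor = opts.get(60, b"").decode("ascii", "replace")
    for name, rule in PROFILE_RULES.items():
        if rule.search(vendor):
            return mac, vendor, name
    return mac, vendor, None

def build_sample_discover(mac: bytes, vendor: bytes) -> bytes:
    """Constructed DHCPDISCOVER for the demo; not captured traffic."""
    header = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", 1, 1, 6, 0, 0x1234, 0, 0,
                         b"", b"", b"", b"", mac, b"", b"")
    options = b"\x35\x01\x01" + bytes([60, len(vendor)]) + vendor + b"\xff"
    return header + MAGIC_COOKIE + options
```

Option 60 is a client-supplied string, so a match on it identifies what a device claims to be rather than proving what it is.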
Thanks. How does Profiler perform behavior monitoring, like if there is MAC spoofing? How does that work?
We are looking to deploy NAC globally. 3 core sites with NAC in a primarily centralized OOB Layer 3 model. This is for about 10 CASs per site. Does each CAS set have to have Collector licenses, or can one or two sets serve as the collectors?
Question over the NAC Appliance, not specifically the Profiler.
How do you recover the Admin password for the WebGui? SSH username and password are known. Reason is we will upgrade from 4.0.5 to 188.8.131.52. However the WebGui (admin) password is required and also unknown.
It is OK, we have solved this issue. Thanks for your assistance. Resolution was via SSH: update the tomcat-users.xml with a hash entry (that was known). "Service perfigo restart". WebGui works fine.
In detecting a spoofed MAC address, does the profiler have to be off of a SPAN port? Basically, what are the pros/cons of having the collector local vs. having it remote (via multiple L3 hops)?
Hello James, I have a NAC Profiler Failover on HA. Do you know the reason why I can't log in by SSH? I followed the installation instructions twice and everything was good. But we can't connect with the root or beacon user to the CLI.