Re: What are the endpoints attributes collected by NAC Profiler
NetMap queries network devices via SNMP for:
802.1X information (PAE MIB)
CDP MIB Information
This information is used to build and maintain a model of the network topology and endpoint discovery.
NetMap uses SNMP Get, GetNext and GetBulk (when available) requests to query the SNMP agents running on the network infrastructure devices to gather specific Management Information Base (MIB) objects about their status based on device type (Layer 2 or Layer 3).
In addition to polling each network device for all MIB data at a regular interval, NetMap may also be commanded to poll port-specific information when the NAC Profiler system is notified that an endpoint has joined or left the network via SNMP traps sent by devices at the network edge, switches typically.
Upon receipt and verification of a link state (link up, link down) or MAC notification trap, NetTrap will notify the NAC Profiler Server that a change has occurred on the network edge (endpoint joined or left a network port). If the trapping device is in the NAC Profiler configuration, the NetMap component module assigned to poll the device that sent the trap will be commanded by the Server module to initiate a poll of the device's port information to determine the change to the endpoint topology that resulted in the trap being sent by the network device.
The information gathered by NetMap is processed by the Server accordingly to update the network topology, noting the endpoint joining or leaving a port. Note that NetMap SNMP polling of network devices resulting from a trap is localized to the port specified in the trap. This is unlike the regular polling that occurs at the frequency specified for each device type (L2 and L3) which gathers all SNMP information from the device used by the NAC Profiler system.
The NetWatch module listens for traffic including DHCP traffic.
The module will collect all the DHCP information on the traffic collected, like MAC address, IP address, DHCP Vendor Class Identifier in DHCP request, host name in DHCP request, requested specified options in DHCP request (option 55) and full list of DHCP options supported by the DHCP client as specified in the DHCP request.
All the endpoint data can then be used to map endpoints with profiles.
If this helps you and/or answers your question please mark the question as "answered" and/or rate it, so other users can easily find it.
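The DHCP attributes listed in the reply above (MAC address, IP address, Vendor Class Identifier, host name, option 55 and the list of options present), pulled from a DHCP request payload. This is an added example, not part of the original post and not NAC Profiler code; the function names and the sample packet are constructed, and the option codes other than 55 (12, 50, 60) are the standard DHCP assignments.

```python
import struct

MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie that follows the 236-byte BOOTP header

def parse_dhcp(payload: bytes) -> dict:
    """Extract endpoint-profiling attributes from a DHCP UDP payload."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    hlen = min(payload[2], 16)                           # chaddr field is 16 bytes at most
    attrs = {
        "mac": payload[28:28 + hlen].hex(":"),           # chaddr
        "ciaddr": ".".join(map(str, payload[12:16])),    # client IP, 0.0.0.0 if none yet
        "options_seen": [],                              # option codes in wire order
    }
    i = 240
    while i < len(payload):
        code = payload[i]
        if code == 255:          # End option
            break
        if code == 0:            # Pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(payload):
            raise ValueError("truncated option header")
        length = payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option value")
        attrs["options_seen"].append(code)
        if code == 12:
            attrs["hostname"] = value.decode("ascii", "replace")
        elif code == 60:
            attrs["vendor_class"] = value.decode("ascii", "replace")
        elif code == 55:
            attrs["param_request_list"] = list(value)
        elif code == 50 and length == 4:
            attrs["requested_ip"] = ".".join(map(str, value))
        i += 2 + length
    return attrs

def sample_request() -> bytes:
    """Constructed DHCPREQUEST for illustration (not captured traffic)."""
    hdr = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", 1, 1, 6, 0, 0x1234ABCD, 0, 0,
                      bytes(4), bytes(4), bytes(4), bytes(4),
                      bytes.fromhex("001122334455"), b"", b"")
    opts = [(53, b"\x03"), (50, bytes([192, 0, 2, 25])), (12, b"lab-ws-01"),
            (60, b"MSFT 5.0"), (55, bytes([1, 3, 6, 15, 31, 33, 43, 44]))]
    body = b"".join(bytes([c, len(v)]) + v for c, v in opts)
    return hdr + MAGIC + body + b"\xff"
```

The order of codes in `param_request_list` and `options_seen` is preserved because that ordering differs between DHCP client implementations, which is what makes these fields useful for matching an endpoint to a profile.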