Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1038
Views
0
Helpful
1
Replies

Endpoint Attribute Filter - Enabling for Additional Device Attributes

Go to solution
scamarda
Cisco Employee
Cisco Employee

‎10-23-2018 10:27 AM

A customer of mine has a deployment with approx 10k active devices.  Some of the medical devices with static IP addresses are not profiling beyond the ethernet vendor code.  Some of these devices share the same ethernet NIC vendor and it is hard to determine what the device is from that perspective.  We are looking at different ways to find more attributes.  The first one is NMAP and then SNMP. The customer has the Endpoint Attribute Filter enabled (EAF). 

 

Questions:

 

1) With EAF enabled, does context visibility just show the Whitelist and mandatory attributes?

2) Would there be any benefit to disabling EAF to see if there are other attributes available for unique profile creating?

3) How much of a performance impact would there be by disabling the EAF? 

4) Would there be a mass update or would the updates occur just when the endpoint's PSN ownership changes?

 

I've watched several of Craig's BRKSEC 3699 but still have these questions.

 

Thanks.

Sam.

 

 

 

 

1 person had this problem
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
hslai
Cisco Employee
Cisco Employee

‎10-23-2018 07:50 PM

1) With EAF enabled, does context visibility just show the Whitelist and mandatory attributes?

No, there are some attributes for context visibility only.

 

2) Would there be any benefit to disabling EAF to see if there are other attributes available for unique profile creating?

 

Unless we are certain they are being filtered out as a result.

 

3) How much of a performance impact would there be by disabling the EAF? 

Huge. The very reason why we have EAF

 

4) Would there be a mass update or would the updates occur just when the endpoint's PSN ownership changes?

Potentially a mass update. I do not think it related to ownership changes.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
hslai
Cisco Employee
Cisco Employee

‎10-23-2018 07:50 PM

1) With EAF enabled, does context visibility just show the Whitelist and mandatory attributes?

No, there are some attributes for context visibility only.

 

2) Would there be any benefit to disabling EAF to see if there are other attributes available for unique profile creating?

 

Unless we are certain they are being filtered out as a result.

 

3) How much of a performance impact would there be by disabling the EAF? 

Huge. The very reason why we have EAF

 

4) Would there be a mass update or would the updates occur just when the endpoint's PSN ownership changes?

Potentially a mass update. I do not think it related to ownership changes.

0 Helpful
Customers Also Viewed These Support Documents