Profiling Question:
I have a question about profiling. I understand that it is used with ISE to make authz decisions based on what ISE can determine the endpoint is. Profiling is used to help ISE learn this. Few questions about profiling:
- SNMP – it sounds like the PSN will actually try to walk the MIB on the endpoint via a ‘network scan’. So does this mean I can make SNMP queries of the endpoint to help determine if it’s a printer? (If the printer is configured for SNMP)
- It sounds like Device Sensor is the best way to profile the endpoint as the collection gets closer to the endpoint. However you can only use DHCP, CDP, and LDDP? Is this true, that seems rather limiting. I feel like DHCP, and SNMP will be the most useful profiling engines. So with this SNMP is still done from the PSN?
The other probes all make sense. How often are you doing profiling policies? I have a client that will be using Rockwell devices in manufacturing plants, wondering how I might be able to profile these.
Thanks,