05-14-2019 12:07 PM
Is 802.1x required for profiling on the wire?
Solved! Go to Solution.
05-15-2019 05:49 AM
05-14-2019 01:08 PM
05-14-2019 07:22 PM
Profiling is certainly not required for wired 802.1X because 802.1X itself is the authentication method. In fact, you cannot profile an un-authenticated device that is on a port in "closed mode", because 802.1X is layer 2 - the port is shut and doesn't allow traffic to or from the client to pass. Only EAP frames can pass. And this doesn't not count as profiling.
I would add that once an endpoint has been authenticated (via 802.1X) then you can enable Radius Profiling data to be sent from a Cisco Switch that supports Device Sensor. You get free profiling on the switch and the data is sent to ISE via Radius Accounting (Interim-Updates). This means you can get better visibility about the IP address, hostname, OS, web browser etc. via "passively" snooping the client traffic on the switch.
All other more "active" profiling methods are also available (NMAP, DHCP, HTTP, AD, etc)
05-15-2019 05:49 AM
05-15-2019 07:20 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide