![]() Wireless Information – Identifies devices where wireless information is present, but SNMP connection traps have NOT been received. Wireless Information and Connection Trap received – Identifies devices where wireless information is present and SNMP connection traps have been received. You’ll want to examine these devices for gaps in SNMP Trap coverage, as gaps could be leading to slow device discovery. This can either indicate devices that have been connected for a long time, or areas where SNMP notification traps are not properly configured. Switch Information – Identifies devices where switch information is present, but SNMP notification traps have NOT been received. Switch Information AND MAC Notification Trap received – Identifies devices where switch information is present and SNMP notification traps have been received. Switch Device – Identifies devices that are switch management interfaces. The following is a breakdown of what the sub-rules are showing: The policy is designed to illustrate any areas on your network where you do not have complete visibility. It is possibly THE most important policy in ensuring that you have 100 percent visibility of all devices connected to your network. The policy in the screen shot below is a modified version of the PS Switch Integration Policy and EVERY CounterACT implementation should have a similar policy in place (the XML export of this policy is attached). If you have difficulties with identifying newly connected devices in CounterACT, the first place to look is the switch, wireless access point/controller and router integrations. SNMP Traps can speed discovery of newly connected devices, but the confidence comes from the CAM and ARP tables. Ensuring that ALL these network devices are being queried by CounterACT is very important because it is the ONLY way to have full visibility of everything on your network. It would be nice to skip it and get to the fun part, but the foundation is critically important and will have a profound impact on the effectiveness of your CounterACT implementation.ĬounterACT discovers endpoints in several ways, but the authoritative method is through querying the CAM and ARP tables of switches, wireless access points/controllers and routers. Like all foundations, there is nothing “sexy” about it. ![]() This is the foundation for the real-time visibility that CounterACT provides. The title for the article was not accidentally put in all CAPS I’m shouting it! In this article, we will focus on learning every MAC and IP address on your network as quickly as possible.
0 Comments
Leave a Reply. |