[unisog] Cisco Profiler (was Re: Printers, printers, printers)
Michael Kaegler
Michael.Kaegler at MARIST.EDU
Wed Dec 12 21:36:12 GMT 2007
At 3:45 PM -0500 12/12/07, Anthony Maszeroski wrote:
>Did you implement the Cisco NAC profiler? :
The Cisco Profiler (nee Great Bay Beacon) in theory automatically
detects printers or other devices and feeds them to the exception
list in Cisco NAC automatically.
We decided that was exactly what we did not want. With the line
between "full computer" and "dumb appliance" blurring, we decided we
cannot allow a single node on the network without having a
responsible person available for us to contact about node
misbehaviour.
Expanded:
An xbox360 can't run an agent to log in to Cisco NAC. We're not using
web logins since there's no guarantee that these appliances can run a
browser. However, some of these devices *can* run a bittorrent or
commit other sins for which the lawyers want us to answer. Therefore,
we need to have a name associated to each MAC address. If profiler
were to autodetect these boxes, we would not get that name.
So we're writing special software to handle registrations, because it
seems no one else has. We're using the beacon to verify that devices
claimed to be xboxes are indeed xboxes (OUI checks are worthless
these days). So far none of it works (we're still writing), but we're
looking to deploy in March.
-porkchop
--
Michael "Porkchop" Kaegler, Sr. Network Analyst
(845) 575-3061 Marist College, Poughkeepsie, NY