Configuring ClearPass Device Insight

Before you can view the devices that have accessed your wired or wireless network in the Classified Devices page, Generic Devices page, or User Classified Devices page you need to deploy the collectors and then configure the discovery settings for the collectors.

High-Level Discovery Setting Configuration Process Flow

Following is a diagram illustrating the high-level discovery setting configuration process flow:

Figure 1  High-Level Discovery Setting Configuration Process Flow

Follow this high-level process flow to configure the discovery settings:

  1. Deploy on-premises the collectors (virtual appliances or physical appliances) at your organization.

    For more information, see Deploying ClearPass Device Insight.

  2. Configure the different switches and controllers to send DHCP Dynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network.  traffic (DHCP Relay and IP-Helper) and SPAN traffic to ClearPass Device Insight collectors.
  3. Log in to ClearPass Device Insight Administration user interface.

    The Initial Configuration Detected dialog box opens displaying the following message: Catch All segment is configured with default RFC Request For Comments. RFC is a commonly used format for the Internet standards documentss. 1918 subnet Subnet is the logical division of an IP network. subnets. Would you like to keep this as your configuration?

    Under this message is a Confirm button and a Edit button.

    ClearPass Device Insight gives you the option to accept these default subnets (10.0.0.0/8, 192.168.0.0/16, and 172.16.0.0/12) for this Catch All Segments segment or you can edit the segment and add additional subnets to the segment. After the Catch All Segments segment is created you are able to create additional segments.

  4. Complete the configuration of the Catch All Segments segment by performing one of the following:

    To accept the default configuration, click Confirm.

    After you click the Confirm button, the following occurs:

    To edit the default configuration:

    1. Click Edit.

      After you click the Edit button, the following occurs:

      • The Edit Subnet Segment page opens displaying the Catch All Segments segment. In the Subnet List card these subnets are displayed: 10.0.0.0/8, 192.168.0.0/16, and 172.16.0.0/12.
      • Collectors are enabled.
      • SPAN and DHCP are enabled for the collectors.
    1. Add additional subnets to the Catch All Segments segment using the Edit Subnet Segment page.

      For information, see Editing Subnet Segments.

      Additional segments can be added making network scanning more manageable.

    2. (Optional) Configure new augmentation methods (SNMP, SSH, WMI, and NMAP) and associate them to the Catch All Segments segment using the Edit Subnet Segment page.

      For information, see Editing Subnet Segments.

    3. Close the Edit Subnet Segment page

      At this time, the collectors are only detecting devices that have accessed the network and collecting the device attributes related to those devices using the SPAN and DHCP passive collection methods.

      To take full advantage of ClearPass Device Insight functionality you should consider scheduling active scans (Discovery and Subnet). Active scans use active collection methods and can use the different augmentation methods to enhance the device data that is collected by the collector for which ClearPass Device Insight uses for device classification.

  5. Schedule Discovery type scans for each collector using the Edit Collector page.

    Discovery type scans are used to discovery devices in the network by entering one or more seed device (switch or router) IP addresses on which to start the scan.

    You should configure at a minimum an SNMP augmentation method for Discovery type scans to be able to collect device information.

    At this time, the collectors are scanning the network using active collection methods and augmentation methods to collect additional device attributes for the devices.

    For information, see Managing Discovery and Subnet Scans.

  6. (Optional) Add additional segments with augmentation methods and then associate those segments to collectors by performing the following:
    1. Add additional augmentation methods (SNMP, SSH, WMI, and NMAP) using the different New Augmentation Method pages.

      For information, Configuring Augmentation Methods.

    2. Add new segments and associate subnets to those segments using the New Subnet Segment page.

      When you add a segment you assign it to a collector.

      For information, see Creating Subnet Segments.

    3. Associate augmentation methods to one or more of the new segments created in Step b using the Edit Subnet Segment page.

      For information, see Creating Subnet Segments.

  7. Schedule a Subnet type scan for the new segments using the Edit Collector page.

    At this time, the collectors are scanning the network using active collection methods and augmentation methods to collect additional device attributes for the devices.

    In ClearPass Device Insight you can associate different augmentation methods to different segments. Then when the collector is scanning the network discovering devices during an active scan (Discovery or Subnet), depending on the segment where the device is discovered, the segments associated augmentation methods are used to collect additional device attributes. The device attributes that are collected for each device are used to classify the device.

    For information, see Managing Discovery and Subnet Scans.