Managing Network Access Devices
ClearPass Device Insight uses network access devices (NADs) to discover devices on your network. A NAD is a device that automatically connects the user to the preferred network, for example, an AP or an Ethernet switch. Two discovery methods are associated with a NAD:
- Schedule a network discovery scan.
A network discovery scan is an extensive search and discovery of NADs (for example, switches and controllers) and can take a long time. It uses the augmentation methods configured for segments to add additional context: Secure Shell (SSH), NMAP, Windows Management Instrumentation (WMI), and Simple Network Management Protocol (SNMP).
For more information, see Managing Discovery and Subnet Scans.
- Enable polling of a NAD.
This method automatically polls an individual NAD at a frequency of your choosing. NAD polling uses the configured augmentation methods (SSH, NMAP, WMI, SNMP) for the segments. Because only one NAD is read, the polling process takes less time than a network discovery scan.
With this method, the NADs to be polled are managed using the ClearPass Device Insight. Using the page you can enable or disable the polling of a NAD and enter the polling frequency for the NAD. Any NADs discovered during a network discovery scan are automatically displayed on the page. You can also enter new NADs to be polled that were not discovered during a network discovery scan using the page in ClearPass Device Insight. After you add a NAD using the page it is displayed on the page where it can be managed.
The first time a discovered NAD or newly added NAD is polled, the system reads the sysObjectId, Bridge-MIB, IFTable, Cisco Discovery Protocol (CDP)/Link Layer Discovery Protocol (LLDP), and Address Resolution Protocol (ARP) entry. After the first read, subsequent polls of those NADs only read the Bridge-MIB table and ARP table.
By reading the Bridge-MIB table and ARP table, the system can gather additional information about the devices that are discovered from the polling of the NAD. After a new device is discovered using ARP entries, the polling process uses the configured augmentation methods (SSH, NMAP, WMI, SNMP) for the segment to which the IP belongs.
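The following added example (not ClearPass Device Insight code; the product's internal correlation logic is not described on this page) shows how the two tables read on every poll can be joined by MAC address to produce a device list. It assumes numeric `snmpwalk -On` style output from net-snmp, uses the standard `dot1dTpFdbPort` and `ipNetToMediaPhysAddress` columns, and runs on a constructed sample walk; the function name `correlate` is hypothetical.

```python
import re

# Standard MIB columns in numeric form (assumed input: net-snmp "snmpwalk -On" text).
FDB_PORT = ".1.3.6.1.2.1.17.4.3.1.2."  # BRIDGE-MIB dot1dTpFdbPort, index = MAC as 6 decimal octets
ARP_PHYS = ".1.3.6.1.2.1.4.22.1.2."    # IP-MIB ipNetToMediaPhysAddress, index = ifIndex + IPv4

# Constructed sample walk of one NAD (documentation addresses, made-up MACs).
WALK = """\
.1.3.6.1.2.1.17.4.3.1.2.0.17.34.51.68.85 = INTEGER: 3
.1.3.6.1.2.1.17.4.3.1.2.0.17.34.170.187.204 = INTEGER: 7
.1.3.6.1.2.1.4.22.1.2.10.192.0.2.15 = Hex-STRING: 00 11 22 33 44 55
.1.3.6.1.2.1.4.22.1.2.10.192.0.2.99 = Hex-STRING: DE AD BE EF 00 01
"""

def correlate(walk):
    """Join the bridge forwarding table and the ARP table on MAC address."""
    fdb, arp = {}, {}
    for line in walk.splitlines():
        oid, _, value = line.partition(" = ")
        if oid.startswith(FDB_PORT):
            octets = oid[len(FDB_PORT):].split(".")
            if len(octets) == 6:  # MAC encoded in the OID index
                mac = ":".join(f"{int(o):02x}" for o in octets)
                fdb[mac] = int(value.split(":")[1])  # bridge port number
        elif oid.startswith(ARP_PHYS):
            idx = oid[len(ARP_PHYS):].split(".")
            hexbytes = re.findall(r"[0-9A-Fa-f]{2}", value.split(":", 1)[1])
            if len(idx) == 5 and len(hexbytes) == 6:  # ifIndex + 4 IPv4 octets
                arp[":".join(b.lower() for b in hexbytes)] = ".".join(idx[1:])
    # A MAC with a port but no IP was seen only at layer 2, so there is no
    # address for IP-based augmentation; a MAC with an IP but no port is
    # known only from ARP.
    return [{"mac": m, "port": fdb.get(m), "ip": arp.get(m)}
            for m in sorted(set(fdb) | set(arp))]

if __name__ == "__main__":
    for row in correlate(WALK):
        print(row)
```

Rows with an `ip` value are the ones that can be handed to IP-based augmentation; rows with `ip` of `None` are worth reviewing as devices visible on a switch port but not yet resolvable to an address.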
You can view all of the devices discovered during the polling of the NAD on the
page, page, or page.
For more information, see: