Looking for any ideas on how to monitor what devices are connected to the network. There are many different departments etc. always adding and removing devices, and over time all the Excel sheets and other databases/CMDBs start to become at least a bit outdated.
So I'm looking for a way to help validate the data in the CMDB by checking what we have actually seen in the network in the last month or two. As this wouldn't be a NAC type of situation where we rely only on the profiled data, it can be a somewhat cheaper and less trustworthy solution. We'd then figure the rest out manually. We're going towards 802.1X all the time, but that also takes quite a while, and in the meantime we would need something :)
Some options I've thought of:
- Do MAB that permits everything but writes extra attributes for ClearPass endpoints (last seen switch/port/connection time)
- Add a FortiGate to each aggregation switch, mirror traffic to the FortiGate and enable device detection
- Buy ClearPass Device Insight (though not sure if this would be beyond budget)
- Buy Linux boxes and use some security tool to gather data from a mirrored port (any recommendations?)
Any thoughts or ideas?
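As an added example for the last option (a mirrored port feeding a Linux box), and not part of the original post: a small Python tool that builds a MAC "last seen" inventory from ARP traffic and reconciles it against a CMDB export, reporting CMDB entries that have not been seen in the window and MACs seen on the wire that the CMDB does not know about. It assumes the capture was produced with `tcpdump -tttt -nne arp`; the line format parsed below is my assumption of that output, the sample capture lines and CMDB entries are constructed, and the hostnames, MACs, window length and function names are invented for illustration. It also normalizes Cisco (`0011.2233.4455`), Windows (`AA-BB-CC-...`) and colon MAC notation, because mismatched notation between switch exports and spreadsheets is a common reason such reconciliations produce false "unknown device" rows.

```python
import re
from dataclasses import dataclass, field
from datetime import datetime, timedelta

# One line of `tcpdump -tttt -nne arp` output (assumed format):
#   2024-05-01 09:15:02.114233 <src mac> > <dst mac>, ethertype ARP (0x0806), length 60: Request who-has A tell B, length 46
#   2024-05-01 09:15:02.114900 <src mac> > <dst mac>, ethertype ARP (0x0806), length 42: Reply A is-at M, length 28
ARP_LINE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\.\d+ "
    r"(?P<src>[0-9a-f]{2}(?::[0-9a-f]{2}){5}) > [0-9a-f:]{17}, ethertype ARP \(0x0806\).*?: "
    r"(?:Request who-has \S+ tell (?P<req_ip>\d+\.\d+\.\d+\.\d+)"
    r"|Reply (?P<rep_ip>\d+\.\d+\.\d+\.\d+) is-at (?P<rep_mac>[0-9a-f:]{17}))",
    re.IGNORECASE,
)


def normalize_mac(mac: str) -> str:
    """Canonical lower-case aa:bb:cc:dd:ee:ff from Cisco, Windows or colon notation."""
    hexdigits = re.sub(r"[^0-9a-fA-F]", "", mac).lower()
    if len(hexdigits) != 12:
        raise ValueError(f"bad MAC: {mac!r}")
    return ":".join(hexdigits[i:i + 2] for i in range(0, 12, 2))


@dataclass
class Sighting:
    first_seen: datetime
    last_seen: datetime
    ips: set = field(default_factory=set)
    count: int = 0


def parse_arp_line(line: str):
    """Return (timestamp, sender_mac, sender_ip) or None for non-matching lines."""
    m = ARP_LINE.match(line.strip())
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%Y-%m-%d %H:%M:%S")
    if m.group("req_ip"):
        # ARP request: the Ethernet source is the asker, "tell X" is its own IP
        return ts, normalize_mac(m.group("src")), m.group("req_ip")
    # ARP reply: "X is-at M" names the responder explicitly
    return ts, normalize_mac(m.group("rep_mac")), m.group("rep_ip")


def build_inventory(lines):
    """Fold capture lines into {mac: Sighting}; non-ARP lines (tcpdump banner etc.) are skipped."""
    inv = {}
    for line in lines:
        parsed = parse_arp_line(line)
        if parsed is None:
            continue
        ts, mac, ip = parsed
        s = inv.get(mac)
        if s is None:
            inv[mac] = Sighting(first_seen=ts, last_seen=ts, ips={ip}, count=1)
        else:
            s.first_seen = min(s.first_seen, ts)
            s.last_seen = max(s.last_seen, ts)
            s.ips.add(ip)
            s.count += 1
    return inv


def reconcile(inv, cmdb, now, window_days=60):
    """cmdb: {hostname: mac in any notation}. Returns (stale hostnames, unknown MACs)."""
    cutoff = now - timedelta(days=window_days)
    cmdb_macs = {normalize_mac(m): host for host, m in cmdb.items()}
    stale = sorted(host for mac, host in cmdb_macs.items()
                   if mac not in inv or inv[mac].last_seen < cutoff)
    unknown = sorted(mac for mac, s in inv.items()
                     if mac not in cmdb_macs and s.last_seen >= cutoff)
    return stale, unknown


# Constructed sample capture (invented MACs/IPs) and constructed CMDB export.
SAMPLE_CAPTURE = """\
2024-05-01 09:15:02.114233 00:11:22:33:44:55 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 10.10.0.1 tell 10.10.0.25, length 46
2024-05-01 09:15:02.114900 aa:bb:cc:00:00:01 > 00:11:22:33:44:55, ethertype ARP (0x0806), length 42: Reply 10.10.0.1 is-at aa:bb:cc:00:00:01, length 28
2024-06-20 14:02:11.000001 00:11:22:33:44:55 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 10.10.0.1 tell 10.10.0.25, length 46
2024-06-21 08:00:00.500000 de:ad:be:ef:00:99 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 10.10.0.1 tell 10.10.0.77, length 46
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
"""

SAMPLE_CMDB = {
    "print-srv-01": "0011.2233.4455",     # Cisco notation, seen on 2024-06-20
    "core-gw":      "AA-BB-CC-00-00-01",  # Windows notation, last seen 2024-05-01
    "old-scanner":  "00:de:ad:00:00:02",  # in the CMDB, never seen on the wire
}


def demo(now=datetime(2024, 6, 30)):
    inv = build_inventory(SAMPLE_CAPTURE.splitlines())
    return reconcile(inv, SAMPLE_CMDB, now=now, window_days=30)


if __name__ == "__main__":
    stale, unknown = demo()
    print("In CMDB but not seen in window:", stale)
    print("Seen but not in CMDB:", unknown)
```

For a live run, feed `build_inventory` from stdin with something like `tcpdump -i <mirror-if> -tttt -nne -l arp | python3 inventory.py` (the script name is invented), and persist the sightings so the window survives restarts. Two caveats: ARP only shows hosts in the broadcast domains that reach the mirror port, so DHCP leases and the switches' MAC address tables are the complementary passive sources; and unlike the MAB option, a mirrored port gives no switch/port attribution, only that a MAC was alive at some point in the window.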