What are "known" endpoints in ClearPass?
What are "known" endpoints in ClearPass?
In ClearPass, the concept of 'Known' endpoints refers to devices that have been successfully authenticated and are thus recognized by the system. When a device initially connects, it may go through a MAC authentication. If this fails, the user may be prompted to complete a captive portal process to authenticate. Upon successful authentication, ClearPass marks the endpoint as 'Known', allowing for future authentications based on the MAC address. This allows the device to bypass the captive portal login in subsequent connections.
D is correct, but what about A?
D. "Unknown" devices can have fingerprinting completed as well. So "known" does not equal fingerprinting.
D is correct You can use the Known client and Unknown client status in role-mapping rules by specifying the Authentication:MacAuth attribute.
When you explore the authentication timeline, you will see that during client association the NAD will attempt a MAC authentication. The first time this is executed the endpoint status is “unknown” and the MAC authentication request will fail. | When the Mac authentication fails, the NAD will prompt the user to go through the captive portal process. Upon successful completion, ClearPass marks the endpoint as known and adds the guest attributes. | When the client disconnects and reconnects on the network, the NAD will attempt another MAC authentication. Since the client has successfully completed a guest authentication, and the attributes on the endpoint have been updated, the MAC authentication will pass and the user will not have to renegotiate the captive portal. D is correct
D is correct