Header Only - DO NOT REMOVE - Extreme Networks
Question

EMC Analytics/Purview - UserID Detection


I think I'm missing something simple here in my setup. I am running Purview 7.0.6.27 with EMC 7.1.2.12 and NAC 7.1.1.9 and WLC V2110 10.31.07.0002.

I am mirroring (n15) my outbound ISP link, and I have netflows on my core for that port (S6, 8.62.4) directed to the purview appliance.

I get app ids in purview as expected, but what I don't get is my username matches for the flows.

I have usernames populating my NAC as expected.

I haven't found anywhere in the purview config to tweak userid settings, nor have I found in the NAC anywhere to export userids to purview.

Is this part of the integration completely behind the scenes? --Or am I missing something in my setup?

9 replies

Userlevel 4
Keith,

there is a config option in
Analytics > Configuration > Engines > Configuration > Access Control Integration
"Enable Access Control Integration"
You have to check this box an save and deploy the configuration to the analytics engines.

(this is the way on 8.0.3/4 - I think this will be at 7.1 as well) )

br
Volker
Userlevel 6
Volker Kull wrote:

Keith,

there is a config option in
Analytics > Configuration > Engines > Configuration > Access Control Integration
"Enable Access Control Integration"
You have to check this box an save and deploy the configuration to the analytics engines.

(this is the way on 8.0.3/4 - I think this will be at 7.1 as well) )

br
Volker

Yes, it is available in earlier codes, in the same area. Sometimes the sections need to be expanded a bit to see all options.

The firmware for Analytics appliance should match the eXtreme Management Center version in almost all cases. NAC is mostly backwards compatible.
In versions 8.x, we expect to keep all appliances effectively revision locked as a requirement. FYI.
I do have that checked, with comm channel 2525....
Keith Obermeier wrote:

I do have that checked, with comm channel 2525....

key question here, is 2525 the correct port?
Userlevel 4
Keith !

I had several issues with comm channel configurations. Don´t do that !
Please try it without comm channel.

br
Volker
Userlevel 4
I just enabled it this morning after reading this post and it worked immediately without the use of comm channel
changed Comm channel to "Default" as shown in the NAC config, and updated NAC and purview to match Netsight version. After these corrections problem was resolved
btw, not sure how but 2525 was prepopulated in my comm channel.
Hi all,

Do you maybe have an idea why in Purview for some flows username is correctly populated from NAC, but for some flows User/Detailed Location fields are blank (and user exist in NAC).

We didn't enable Communication Channels because we don't need that feature in NAC.

Everything (Purview, NAC, EMC) are on same 7.1.2.12 version.

Tnx,
Vesna.

Reply