cancel
Showing results for 
Search instead for 
Did you mean: 

NAC - Switches: Auth access Type: Monitoring RADIUS Accouting

NAC - Switches: Auth access Type: Monitoring RADIUS Accouting

M_Nees
Contributor III

I am asking myself what is the use-case of this feature.

What can i do with that ?

 

XMC / NAC online help explains this:

Monitoring - RADIUS Accounting — the switch will monitor Auto Tracking, CEP (Convergence End Point), and Switch Quarantine sessions. ExtremeCloud IQ - Site Engine learns about these session via RADIUS accounting. This allows ExtremeCloud IQ - Site Engine to be in a listen mode, and to display access control, location information, and identity information for end-systems without enabling authentication on the switch. If there are multiple sessions for a single end-system, the session with the highest precedence displays to provide the most accurate access control information for the user. The ExtremeControl authentication type precedence from highest to lowest is: Switch Quarantine, 802.1X, CHAP, PAP, Kerberos, MAC, CEP, RADIUS Snooping, Auto Tracking.

 

AutoTracking, Switch Quarantine are Features of legacy S-Series.

 

Can i use this also on current EXOS Switches too ?

Does anybody use this feature ?

1 ACCEPTED SOLUTION

TylerMarcotte
Extreme Employee

I don’t believe it’s used very often. I believe it was added when Autotracking was introduced with CoreFlow2 as you mentioned. This was when we started doing more passive NAC capabilities. I personally have not seen this used in quite some time, however it’s rare that features are removed in case a customer is using it.

I can’t think of any use case with EXOS where this would apply right now. It says it’s capable of reporting when CEP is being used in policy, but I’ve never seen that use case in the real world.

View solution in original post

2 REPLIES 2

TylerMarcotte
Extreme Employee

I don’t believe it’s used very often. I believe it was added when Autotracking was introduced with CoreFlow2 as you mentioned. This was when we started doing more passive NAC capabilities. I personally have not seen this used in quite some time, however it’s rare that features are removed in case a customer is using it.

I can’t think of any use case with EXOS where this would apply right now. It says it’s capable of reporting when CEP is being used in policy, but I’ve never seen that use case in the real world.

M_Nees
Contributor III
9202cd5ee6714a22af3a56df18f4c0f9_07d0f507-b8b0-4339-95d2-208e33d8d65b.png

 

GTM-P2G8KFN