Cisco Cisco 2504 Wireless Controller 문제 해결 가이드

Cisco ISE profiler service provides the functionality in discovering, locating, and determining the capabilities
of all the attached endpoints on your network, regardless of their device types, in order to ensure and maintain
appropriate access to your enterprise network. It primarily collects an attribute or a set of attributes of all the
endpoints on your network and classifies them according to their profiles.

The profiler is comprised of these components:

The sensor contains a number of probes. The probes capture network packets by querying network
access devices, and forward the attributes and their attribute values that are collected from the
endpoints to the analyzer.

• 

An analyzer evaluates endpoints using the configured policies and the identity groups to match the
attributes and their attribute values collected, which classifies endpoints to the specified group and
stores endpoints with the matched profile in the Cisco ISE database.

• 

For mobile device detection, it is recommend to use a combination of these probes for proper device
identification:

RADIUS (Calling−Station−ID): Provides the MAC Address (OUI)

• 

DHCP (host−name): Hostname  default hostname can include device type; for example: jsmith−ipad

• 

DNS (reverse IP lookup): FQDN − default hostname can include device type

• 

HTTP (User−Agent): Details on specific mobile device type

• 

In this example of an iPad, the profiler captures the web browser information from the User−Agent attribute,
as well as other HTTP attributes from the request messages, and adds them to the list of endpoint attributes.