< Back to LISTSERV archives

NETMAN@LISTSERV.EDUCAUSE.EDU


View:

:

[

|

Previous Message

|

Next Message

|

]

:

[

|

Previous Message

|

Next Message

|

]

:

[

|

Previous Message

|

Next Message

|

]

:

Proportional Font

LISTSERV Archives

LISTSERV Archives

NETMAN Home

NETMAN Home

NETMAN  2013

NETMAN 2013

Subject:

Re: Infoblox DHCP fingerprinting

From:

Peter P Morrissey <[log in to unmask]>

Reply-To:

The EDUCAUSE Network Management Constituent Group Listserv <[log in to unmask]>

Date:

Fri, 12 Jul 2013 13:42:57 +0000

Content-Type:

text/plain

Parts/Attachments:

Parts/Attachments

text/plain (35 lines)

We have used DHCP finger printing with our own scripts. What we found was that it is not 100% accurate as not every device has a truly unique fingerprint and one case a character sequence in the fingerprint caused a problem. This might not be a big issue depending upon your use case.  We also found that sometimes this changes with OS changes and upgrades etc as this is dependent upon the vendor of the end point. We were using it to identify games to let them on our wired residential network without forcing them to authenticate. Overall I would guess that it was 85-90% accurate. In the end, we realized that we already know where everyone lives so we opened up our wired ports in the residences. 

Having said that though, I do believe the idea of being able to identify, classify and report on the types of devices in the network using DHCP logs is attractive.

Pete Morrissey

-----Original Message-----
From: The EDUCAUSE Network Management Constituent Group Listserv [mailto:[log in to unmask]] On Behalf Of Patrick Gorsuch
Sent: Friday, July 12, 2013 9:13 AM
To: [log in to unmask]
Subject: [NETMAN] Infoblox DHCP fingerprinting

I recently had a chat with my Infoblox rep and he was touting some new features being rolled into their IPAM products.  Of interest is the DCHP fingerprinting service available in R6.7.  We've made an investment in the Great Bay Beacon product to perform this function (assigning VLANs via a tangle of RADIUS/LDAP/802.1x joy).  If the accuracy is there with Ib, I'd love to cut out both the complexity and additional equipment necessary for device fingerprinting.

Link to the product sheet:
http://www.infoblox.com/sites/infobloxcom/files/resources/infoblox-note-dhcp-fingerprinting.pdf

Link to a quick video/slide show:
http://www.infoblox.com/downloads/resources/dns-firewall-dhcp-fingerprinting

We moved to the Infoblox platform last year and are jumping into more serious use of IF-MAP, so this is tempting.  Right now we're a rev behind on code and thus haven't had access to this feature. Anyone tested these waters?

- Pat

--
Patrick N. Gorsuch
Manager, Networks and Information Security Gallaudet University
202-651-5070
[log in to unmask]

**********
Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

**********
Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

Top of Message | Previous Page | Permalink


Options

Log In

Log In

Get Password

Get Password


Search Archives

Search Archives


Join or Leave NETMAN

Join or Leave NETMAN


Archives

2017
2016
2015
2014
2013
2012
2011
2010
2009
2008
2007
2006
2005
2004
2003
2002
2001
2000
1999
1998

ATOM RSS1 RSS2