Switch Configuration

The profiler interacts with switches from various vendors. The switch configuration varies for each switch type.

See the following sections for general switch configuration procedures for widely used switches.

•Appendix: Configuring Cisco Switches

•Appendix: Configuring Juniper Switches

•Appendix: Configuring HP (Procurve) Switches

Forwarding DHCP Requests to IPS

To enable DHCP fingerprinting for endpoint classification, one or more edge devices (switches or wireless access points / wireless LAN controllers) need to be configured to forward all DHCP packets for each VLAN to the internal interface of the IPS appliance. This enables the on-box Profiler to profile endpoints by parsing the DHCP packets arriving at the IPS appliance.

In some environments, it might be easier to forward DHCP traffic to the Profiler using the SPAN/RSPAN configuration.