SNMP Enforcement using Profiler

Devices that have a native 802.1x supplicant or Pulse Client can authenticate themselves using the appropriate credentials (username/password, certificate, token-based, etc) and access the network.

However, devices such as VoIP phones and printers often do not have a supplicant or Pulse client. VoIP phones which support 802.1x can be configured to use 802.1x based authentication.

To allow such devices on the network, the admin can configure MAC Address Authentication using SNMP and Profiler profiles these devices to ensure that only devices of a certain “profile” can access the network.

This document explains a use case of a typical host, such as a VoIP phone, that is not 802.1x enabled to be permitted on the network using SNMP enforcement and the native Profiler.

SNMP enforcement is supported only with Cisco and HP switches. The Switch must be configured for linkup, MAC Address Notification or Port Security traps.