Deploying an Identity Aware Network
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Extreme Networks Application Note
<creationTimestamp>1269562521505</creationTimestamp>
<location>
<port>13</port>
<portDisplayString/>
<macAddress>00:0d:88:68:8f:cc</macAddress>
<lldpCapabilityInfo>0</lldpCapabilityInfo>
<netBiosHostName>WORKSTATION1</netBiosHostName>
<kerberosSnooping>true</kerberosSnooping>
<authMethod>na</authMethod>
<securityProfile/>
<securityViolations/>
<logonStatus>loggedOn</logonStatus>
<logonTime>1269562521505</logonTime>
<logOutTime>0</logOutTime>
<authFailTime>0</authFailTime>
<vlanInfo>
<vlan>
<name>corp</name>
<ipAddress>192.168.0.156</ipAddress>
</vlan>
</vlanInfo>
<modificationTimestamp>1269562521505</modificationTimestamp>
</location>
</object>
</objects>
</switch:getResponse>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
5.2.2. Receiving Unsolicited Identity Events from Edge Switches
The previous section explored the method by which an application can periodically monitor for identities being tracked by
an edge switch. However in some scenarios, it might be required to receive real-time events about identities from the edge
switch. This also alleviates the polling/monitoring overhead in the application.
ExtremeXOS switches can act as clients and can publish events to preconfigured application servers. Recollect from earlier
discussions that EPICenter is such an application that can receive unsolicited identity events from edge switches in the
network. In order to achieve this, the XML client process will need to be configured on the edge switch. The following
information will be required to complete the configuration of XML Client process on the edge switch.
Target Name
URL
Credentials
Helps in uniquely identifying a target application when more than one application is to be
integrated with the XML Client process in ExtremeXOS.
For e.g. monitor-authentication-failures
URL of the application to be integrated with, in the network.
For e.g. https://10.127.4.202/authfailures
Username and Password to authenticate with the application. These parameters are not
required if authentication with the application is not required.
For this example, we will consider that no authentication is required for the application.
create xml-notification target monitor-authentication-failures url
http://10.127.4.202/authfailures
configure xml-notification target monitor-authentication-failures user none
enable xml-notification monitor-authentication-failures
configure xml-notification target monitor-authentication-failures add idMgr
© 2010 Extreme Networks, Inc. All rights reserved. Identity Aware Network—Page 61