MacTrack Thoughts - What's Up?

[TheWitness]

All,

Here is a note that I shared with the Cacti Developers. Your thoughts would be appreciated.

Thanks,

TheWitness

__________________________________________________

Jimmy etal,

Have you been tracking my progress on MacTrack. I'm pretty geeked about the inclusion of the Vendor name in the User Display.

I am also pretty intrigued about the idea of "syncing" with a corporate RDBMS as described on the forums in order to confirm/deny rougues.

I wanted to talk to your about design of the "Rogue" thing. I was thinking that there are several modes that we could apply:

1) Approve various Vendor MACS
2) Approve them one at a time (argh, you can imagine how this would work in <edited_out> network)
3) Allow Synchronization with a Corporate Asset Management Database

What are your thoughts about the three methods?

With the Corporate Asset Management Sync, I am thinking about using ADODB's ability to connect with many Database types and then allow the user to perform the following:

specify
database_type
database_ip
database_port
database_user
database_password
select_syntax

Then, provide lot's of ADODB notes on database options and pre-requisites and the "expected" format of the "select_syntax". Once I have established all of that, then, I will provide an option as to "how" often they want to confirm/validate Rogues. Say every poll, every x polls, or during maintenance.

The rougue detection will have to be a combination of all three I believe. But this is why I ask for your opinion. It would be nice to sell this ting

Regards,

Larry

[MagicOneXXX]

Here is my 2 cents:

1. Approve various vendor macs

Nice idea, but what if you want to prevent your users from bringing in their own laptops/computers? And, what if they just happen to bring in an IBM with the same NIC vendor that you whitelisted?

2. Approve each mac by hand

Agreed, BIG pain in the butt. Some operations, though, have yet to keep track of their mac addresses. Perhaps cacti is their first step into monitoring MAC usage, and they need to build a database. Only way to do it is to build it by hand. Besides, this feature is pretty much a must as a "just in case you forgot to inventory" sort of deal. And, what happens if syncing with asset tracking is impossible?

3. Sync with Asset tracking

This is a MUST for this sort of plugin. Problem is, there are numerous different ones out there, and not all of them use MySQL or the like to store their information. I suggested creating one for GLPI, which looks like a good package and something we might implement here at my company.

For asset syncing to work, we need a list of possible packages and user contribution. Which ones are most used? which ones can we sync with? This is going to require at least some user input to help prioritize those most wanted.

In addition, I agree this could go beyond just MAC tracking. Perhaps you have a DHCP server that hands out addresses, and you want to track it's leases in relation to MACs. We had an incident here where a rogue user managed to grab a reserved IP from someone else. We could have used something like mactrack to help us track it down.

I'd love to hear other opinions on this as well. Feel free to voice!