Device Classifier Dynamic XML Support

Device classifier dynamic XML support

Device classifier dynamic XML support is a feature that

  • enables better device classification without upgrading the device to a new release

  • allows updating XML files with new rules, checks, and profiles based on connected devices, and

  • provides dynamic device classification by copying XML files to the device file system.

Device classification workflow and configuration

The current device classifier uses a static XML file in which you define checks, rules, and profiles based on the MAC, DHCP, and HTTP TLVs of wireless devices. The static XML file is converted to a text file and integrated with the image. When you enable the device classifier functionality using the device classifier command, the contents of the text file are read and populated into the device classifier structures.


Note


The subsequent device classification is based on the populated device classifier structures.


Presently, if you find any unclassified devices in a controller, the static XML file is updated with the new rules, checks, and profiles to get the devices classified. You need to wait until the subsequent release, because the static XML file is integrated with the image and cannot be changed from the controller.

Dynamic XML support addresses this problem by introducing a new dynamic device classifier XML file.


Note


The filename is dc_user_profiles.XML. You can update the dynamic XML file with new rules, checks, and profiles based on the connected devices and according to the provided schema. You can then copy this XML file to the device file system to enable better device classification without upgrading the device to a new release.


The static XML file support is still available. When a device connects, its TLVs are checked against the dynamic XML user profiles first, and if they match, the device is classified as per that profile. If you search for non-static XML profiles and if it matches it is classified as per that profile.

Workflow to classify unclassified devices with dynamic XML file:

  1. The dynamic XML filename must be dc_user_profiles.XML.


    Note


    Files with any other name are not read and parsed even if they have the correct schema.


  2. Copy the sample dynamic XML file to your system using this command:

    copy {flash:} {ftp: | tftp:}

  3. Provide a new version for the dynamic XML file:

    <Version>1.1</Version>

  4. Edit the dynamic XML file with the new rules, checks, and profiles as defined in the schema after examining the TLV values of the unclassified devices.


    Note


    To check the TLV values, use this command:

    show wireless client MAC-address MAC detail


  5. Copy the dynamic XML file to the device flash using this command:

    copy {ftp: | tftp:} {flash:}

Once the file is copied to the device file system, the newly connected clients are classified according to the new profiles defined in the dynamic XML file. You need to reconnect the already unclassified devices to send the DHCP and HTTP TLVs, and then classify them according to the new profiles. The already classified devices remain as classified until they are reconnected.


Note


The sample dynamic XML file is available on the device at flash:dc_profile_dir/. You can use the schema of this sample dynamic XML file: copy it to your system using the copy {flash:} {ftp: | tftp:} command, and append or replace the content with your own profiles, rules, and checks:


<?xml version="1.0" encoding="UTF-8"?>
<DeviceList>
    <CopyRight>Copyright (c) 2021-2022 by Cisco Systems, Inc. All rights reserved.</CopyRight>
    <Version>1.0</Version>
    <Device>
        <DeviceType>Sample_Profile_1</DeviceType>
        <RuleName>Sample_Rule_1</RuleName>
        <RuleOperator>OR</RuleOperator>
        <RuleCertaintyMetric>20</RuleCertaintyMetric>
        <Check>
            <Protocol>DHCP</Protocol>
            <TLV-Type>12</TLV-Type>
            <TLV-Value-Type>String</TLV-Value-Type>
            <TLV-Value>test</TLV-Value>
        </Check>
        <Check>
            <Protocol>HTTP</Protocol>
            <TLV-Type>3</TLV-Type>
            <TLV-Value-Type>Integer</TLV-Value-Type>
            <TLV-Value>23</TLV-Value>
        </Check>
    </Device>
    <Device>
        <DeviceType>Sample_Profile_2</DeviceType>
        <RuleName>Sample_Rule_2</RuleName>
        <RuleOperator>AND</RuleOperator>
        <RuleCertaintyMetric>30</RuleCertaintyMetric>
        <Check>
            <Protocol>DHCP</Protocol>
            <TLV-Type>12</TLV-Type>
            <TLV-Value-Type></TLV-Value-Type>
            <TLV-Value>test</TLV-Value>
        </Check>
        <Check>
            <Protocol>MAC</Protocol>
            <TLV-Value-Type>String</TLV-Value-Type>
            <TLV-Value>Cisco</TLV-Value>
        </Check>
    </Device>
</DeviceList>

Each time you copy a new dynamic XML file, the older user profiles are erased completely and newer profiles are populated. After copying the dynamic XML files, only the newly connected clients are classified based on the new dynamic file whereas the already classified devices still remain as classified with older profiles until they are reconnected.
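Because each copy replaces all earlier user profiles, it helps to check the file before copying it to flash. The following is an added example, not Cisco code: lint_profiles is a hypothetical helper whose rules are inferred from the sample file above (the operators, protocols, and value types it accepts are the ones that appear on this page), and it assumes the file name is compared exactly, case included.

```python
import xml.etree.ElementTree as ET
from pathlib import PurePath

REQUIRED_NAME = "dc_user_profiles.XML"   # compared exactly, case included (assumption)
OPERATORS = {"AND", "OR"}                # values used in the page's sample file
PROTOCOLS = {"MAC", "DHCP", "HTTP"}      # TLV sources the page names
VALUE_TYPES = {"", "String", "Integer"}  # sample values; one sample check leaves it empty

def _text(node, tag):
    return (node.findtext(tag) or "").strip()

def lint_profiles(path, xml_text):
    """Return a list of problems; an empty list means nothing was flagged."""
    problems = []
    if PurePath(path).name != REQUIRED_NAME:
        problems.append(f"file name must be {REQUIRED_NAME}")
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        return problems + [f"not well-formed XML: {exc}"]
    if root.tag != "DeviceList" or not _text(root, "Version"):
        problems.append("need a <DeviceList> root with a <Version>")
    for n, dev in enumerate(root.findall("Device"), 1):
        if not (_text(dev, "DeviceType") and _text(dev, "RuleName")):
            problems.append(f"Device {n}: missing <DeviceType> or <RuleName>")
        if _text(dev, "RuleOperator") not in OPERATORS:
            problems.append(f"Device {n}: <RuleOperator> must be AND or OR")
        if not _text(dev, "RuleCertaintyMetric").isdigit():
            problems.append(f"Device {n}: <RuleCertaintyMetric> must be a number")
        if dev.find("Check") is None:
            problems.append(f"Device {n}: no <Check>")
        for c, chk in enumerate(dev.findall("Check"), 1):
            at = f"Device {n} Check {c}"
            proto, vtype, value = (_text(chk, t) for t in ("Protocol", "TLV-Value-Type", "TLV-Value"))
            if proto not in PROTOCOLS:
                problems.append(f"{at}: unknown <Protocol> {proto!r}")
            elif proto != "MAC" and not _text(chk, "TLV-Type").isdigit():
                problems.append(f"{at}: {proto} check needs a numeric <TLV-Type>")
            if vtype not in VALUE_TYPES:
                problems.append(f"{at}: unknown <TLV-Value-Type> {vtype!r}")
            if not value or (vtype == "Integer" and not value.isdigit()):
                problems.append(f"{at}: <TLV-Value> missing or not an integer")
    return problems

# Constructed input: bad operator, DHCP check without TLV-Type, non-numeric Integer.
SAMPLE = """<DeviceList><Version>1.1</Version><Device><DeviceType>Printer-X</DeviceType>
<RuleName>Rule-X</RuleName><RuleOperator>XOR</RuleOperator>
<RuleCertaintyMetric>20</RuleCertaintyMetric><Check><Protocol>DHCP</Protocol>
<TLV-Value-Type>Integer</TLV-Value-Type><TLV-Value>test</TLV-Value></Check></Device></DeviceList>"""
```

Pass the local path of the file you intend to copy, not the flash: destination, so that the name check sees the final file name.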


MAC OUI-based profiles configuration

The Organizational Unique Identifier (OUI) is the part of a MAC address that identifies the vendor of the network adapter. The OUI is the first three bytes of the six-byte field and is administered by the IEEE.

To define MAC-based profiles in the dynamic XML file, see https://standards-oui.ieee.org/.

For example, if the client MAC address is 7035.094d.000, the OUI is 0x703509. You can find the corresponding entry at https://standards-oui.ieee.org/, as shown below:


70-35-09   (hex)		Cisco Systems, Inc
703509     (base 16)	   Cisco Systems, Inc
				  80 West Tasman Drive
				  San Jose  CA  94568
				  US

Feature history for device classifier dynamic XML support

This table provides release and related information about the feature explained in this section.

This feature is also available in all the releases subsequent to the one in which it is introduced, unless noted otherwise.

Table 1. Feature history for device classifier dynamic XML support

Release: Cisco IOS XE Dublin 17.10.1

Feature: Device Classifier Dynamic XML Support

Feature Information:

You can:

  • Add rules, checks, and profile name to an XML file.

  • Upload the XML file to the device file system.

This feature enables better device classification without upgrading the device to a new release.

Note


Device classifier dynamic XML support is applicable for these:

  • Devices that are not classified previously: The classification takes effect from the latest file without any reboot.

  • Devices that are already classified: The clients have to rejoin for the classification to take effect.

  • Client previously classified with higher protocol values such as DHCP + HTTP: If the same client wants to be classified with only DHCP, use the clear wireless client device cache command.

Enable device classifier (CLI)

Enable the device classifier feature to automatically identify and classify attached devices on the network.
Device classifier is used to identify and classify devices that are connected to the network based on their behavior and characteristics. This feature helps with network management and policy enforcement.

Procedure


Step 1

Enter global configuration mode.

Example:

Device# configure terminal

Step 2

Enable the classification of attached devices.

Example:

Device(config)# device classifier

Step 3

Return to privileged EXEC mode.

Example:

Device(config)# end

Device classifier is now enabled and will automatically identify and classify devices that connect to the network.

Update dynamic XML file

Update the dynamic XML file to classify devices by adding device configuration information.

Device classification requires specific XML entries in the dynamic XML file to properly identify and categorize devices.

Procedure


Add these lines in the dynamic XML file to classify a device:

Example:


<DeviceList>
    <CopyRight>Copyright (c) 2021-2022 by Cisco Systems, Inc. All rights reserved.</CopyRight>
    <Version>1.1</Version>
    <Device>
        <DeviceType>Device-test</DeviceType>
        <RuleName>Rule-Test</RuleName>
        <RuleOperator>AND</RuleOperator>
        <RuleCertaintyMetric>20</RuleCertaintyMetric>
        <Check>
            <Protocol>DHCP</Protocol>
            <TLV-Type>12</TLV-Type>
            <TLV-Value-Type>String</TLV-Value-Type>
            <TLV-Value>test</TLV-Value>
        </Check>
    </Device>

...............................
</DeviceList>

The dynamic XML file is updated with the device classification configuration.

Verify TLV value

To verify the TLV values, use this command:

Device# show wireless client mac-address 7035.094d.0001 detail
Client MAC Address : 7035.094d.0001
…………………………………………………………………………………………………………
Nearby AP Statistics:
EoGRE : Pending Classification
Device Classification Information:
  Device Type         : Un-Classified Device
  Device Name      : Unknown Device
  Protocol Map     : 0x000009  (OUI, DHCP)
  Device Protocol  : DHCP                      --> <Protocol>DHCP</Protocol>
    Type             : 12   14                 --> <TLV-Type>12</TLV-Type>
    Data             : 0e
    00000000  00 0c 00 0a 74 65 73 74  2d 30 30 30 30 31         |....test-00001  |  --> <TLV-Value>test</TLV-Value>
    Type             : 60   8
    Data             : 08
    00000000  00 3c 00 04 74 65 73 74                            |.<..test        |
    Type             : 55   11
    Data             : 0b
    00000000  00 37 00 07 01 1c 02 03  0f 06 0c                  |.7.........     |
Max Client Protocol Capability: Wi-Fi6 (802.11ax)
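The mapping annotated in the output above can be automated. This added example (not part of the Cisco documentation) decodes the hex-dump rows into TLV type and value and drafts a <Check> element from a printable value; the row layout of a 2-byte type, a 2-byte length, and then the value is inferred from the three sample rows, and decode_tlvs and draft_check are hypothetical names.

```python
import re
from xml.sax.saxutils import escape

# Constructed input: the three TLV dumps from the sample output on this page.
SHOW_OUTPUT = """\
  Device Protocol  : DHCP
    Type             : 12   14
    Data             : 0e
    00000000  00 0c 00 0a 74 65 73 74  2d 30 30 30 30 31         |....test-00001  |
    Type             : 60   8
    Data             : 08
    00000000  00 3c 00 04 74 65 73 74                            |.<..test        |
    Type             : 55   11
    Data             : 0b
    00000000  00 37 00 07 01 1c 02 03  0f 06 0c                  |.7.........     |
"""
ROW = re.compile(r"\s*[0-9a-f]{8}\s+((?:[0-9a-f]{2}\s+)+)\|", re.I)

def decode_tlvs(show_text):
    """Return [(tlv_type, value_bytes)]; assumes 2-byte type, 2-byte length, value."""
    dumps = []
    for line in show_text.splitlines():
        if re.match(r"\s*Type\s*:", line):
            dumps.append(bytearray())                # a new TLV starts here
        elif dumps and (m := ROW.match(line)):
            dumps[-1] += bytes.fromhex(m.group(1))   # long values span several rows
    tlvs = []
    for raw in dumps:
        if len(raw) < 4:
            raise ValueError("dump too short for a type and length header")
        tlv_type = int.from_bytes(raw[:2], "big")
        length = int.from_bytes(raw[2:4], "big")
        if len(raw) - 4 != length:
            raise ValueError(f"TLV {tlv_type}: length field and dump disagree")
        tlvs.append((tlv_type, bytes(raw[4:])))
    return tlvs

def draft_check(protocol, tlv_type, value):
    """Draft a <Check> for a printable value; return None for binary values."""
    if not (value.isascii() and value.decode("ascii").isprintable()):
        return None
    fields = (("Protocol", protocol), ("TLV-Type", tlv_type),
              ("TLV-Value-Type", "String"), ("TLV-Value", value.decode("ascii")))
    body = "".join(f"<{tag}>{escape(str(val))}</{tag}>" for tag, val in fields)
    return f"<Check>{body}</Check>"
```

The drafted <TLV-Value> carries the full observed string (test-00001 for type 12 here), while the page's own rule for this client uses test; edit the value to what the rule should carry before adding it to the file.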

Old classification cache clearing

If an already classified client uses any of the three type-length-values (TLVs) (OUI, DHCP, or HTTP) and the combination value is lower, the existing value is ignored. To avoid such a scenario, use the clear wireless client device cache command.

Device# clear wireless client device cache

Note


The priority of the TLVs is as follows:

  • OUI

  • DHCP

  • HTTP

After executing the clear command, you must rejoin the client to get it classified as per the latest XML file.