People Finding with Cisco Meraki on PlaceOS
People Finding with Cisco Meraki on PlaceOS
Section titled “People Finding with Cisco Meraki on PlaceOS”Wireless
Section titled “Wireless”Cisco Meraki provides two interfaces for locating users:
- Dashboard API
- PlaceOS uses version 1 of the API
- Scanning API
- Version 3 of the API is required
Data Collected
Section titled “Data Collected”Ideally you collect the following:
- Username to MAC address mappings
- Provided by the Dashboard API
- Regularly polled via HTTP to learn who owns the devices on the network
- MAC address to x, y map coordinates and SSID
- Provided by the Scanning API
- Cisco Meraki uses a webhook to post data to PlaceOS
- PlaceOS must be accessible on the public internet with valid TLS certificates
Device Certificates
Section titled “Device Certificates”{% hint style=“info” %} If devices authenticate against the network using certificates, the username is unknown to Cisco Meraki. In this case, you need to determine usernames another way. {% endhint %}
- Username to IP address
- You may have an established method for this process, which you may use
- One of the most reliable methods is parsing Domain Controller authentication logs
- IP address to MAC address mappings
- Provided by the Dashboard API
- Regularly polled to learn who owns the devices on the network
- MAC address to x, y map coordinates and SSID
- Provided by the Scanning API
- Cisco Meraki uses a webhook to post data to PlaceOS
- PlaceOS must be accessible on the public internet with valid TLS certificates
If you use device certificates, you will need to have Step 1 in near-real-time to match usernames to MAC addresses
Integration Requirements
Section titled “Integration Requirements”- Cisco Meraki must be on Firmware R26 or higher
- Cisco Meraki must be able to connect to PlaceOS rest-api microservice
- PlaceOS microservices must be able to connect to Cisco Meraki
- Cisco Meraki Scanning API v3 or higher must be configured
- Provide PlaceOS integrator the validator code
- Provide PlaceOS integrator the secret code
- Cisco Meraki Dashboard API v1 or higher must be configured
- Provide PlaceOS integrator with API Key
- PlaceOS integrator to provide a webhook for posting logs
For locating users plugged into a wired network, possibly via a docking station.
- Dashboard API
- PlaceOS uses version 1 of the API
- SNMP configuration
- PlaceOS requires Link Up and Link Down traps
- PlaceOS requires SNMP access to switches directly
Data Collected
Section titled “Data Collected”- Username to IP address
- You may have an established method for this process, which you may use
- One of the most reliable methods is parsing Domain Controller authentication logs
- IP address to MAC address mappings
- Provided by the Dashboard API
- Regularly polled to learn who owns the devices on the network
- MAC address to Switch Port mappings
- Provided by polling the Network Switches (SNMP queries)
- SNMP Traps allow you to detect changes in real time
- PlaceOS must be able to receive traps originating from the public internet
Integration Requirements
Section titled “Integration Requirements”- Cisco Meraki must be able to connect to PlaceOS
- PlaceOS must be able to connect to Cisco Meraki
- Cisco Meraki Dashboard API must be configured
- Provide PlaceOS with API Key
- Cisco Meraki SNMP access must be configured
- SNMP Link Up and Link Down traps
- Direct switch SNMP polling configured
- Provide PlaceOS with community strings and credentials if using SNMPv3
- Provide PlaceOS with list of Switch IP addresses
- Provide PlaceOS with Switch Port to Desk ID mappings