Dell Powerconnect W-ClearPass Hardware Appliances User Manual page 51
W-clearpass policy manager 6.0 user guide
Hide thumbs
Also See for Powerconnect W-ClearPass Hardware Appliances:
- Deployment manual (320 pages) ,
- Quick start manual (28 pages) ,
- Hardware installation manual (13 pages)
Table of Contents
Advertisement
Component
C -
Authorization
Source
C - Role
Mapping
Policy
D - Internal
Posture
Policies
E - Posture
Servers
F - Audit
Servers
G -
Enforcement
Policy
H -
Enforcement
Profile
Dell Networking W-ClearPass Policy Manager 6.0 | User Guide
Service:
component
Description
ratio
any LDAP compliant directory
l
RSA or other RADIUS-based token servers
l
SQL database, including the local user store.
l
Static Host Lists, in the case of MAC-based Authentication of managed
l
devices.
One or more
An Authorization Source collects attributes for use in Role Mapping
per
Rules. You specify the attributes you want to collect when you
Authentication
configure the authentication source. Policy Manager supports the
Source and
following authorization source types:
zero or more
per service
Microsoft Active Directory
l
any LDAP compliant directory
l
RSA or other RADIUS-based token servers
l
SQL database, including the local user store.
l
Zero or one
Policy Manager evaluates Requests against Role Mapping Policy rules to
per service
match Clients to Role(s). All rules are evaluated and Policy Manager may return
more than one Role. If no rules match, the request takes the configured Default
Role.
Some Services (for example, MAC-based Authentication ) may handle role
mapping differently:
For MAC-based Authentication Services, where role information is not
l
available from an authentication source, an Audit Server can determine
role by applying post-audit rules against the client attributes gathered
during the audit.
Zero or more
An Internal Posture Policy tests Requests against internal Posture rules to
per service
assess health. Posture rule conditions can contain attributes present in vendor-
specific posture dictionaries.
Zero or more
Posture servers evaluate client health based on specified vendor-specific
per service
posture credentials, typically posture credentials that cannot be evaluated
internally by Policy Manager (that is, not by internal posture policies).
Currently, Policy Manager supports two forms of posture server interfaces:
RADIUS, and GAMEv2 posture servers.
Zero or more
Audit servers evaluate the health of clients that do not have an installed agent,
per service
or which cannot respond to Policy Manager interactions. Audit servers typically
operate in lieu of authentication methods, authentication sources, internal
posture policies and posture server.
In addition to returning posture tokens, Audit Servers can contain post-audit
rules that map results from the audit into Roles.
One per
Policy Manager tests Posture Tokens, Roles, system time and other contextual
service
attributes against Enforcement Policy rules to return one or more matching
(mandatory)
Enforcement Policy Profiles (that define scope of access for the client).
One or more
Enforcement Policy Profiles contain attributes that define a client's scope of
per service
access for the session. Policy Manager returns these Enforcement Profile
attributes to the switch.
51
Advertisement
Table of Contents
