Dell Powerconnect W-ClearPass Hardware Appliances W-ClearPass Policy Manager 6 - Page 342

are editing service rules you work with, among other namespaces, the RADIUS namespace, but not the posture namespace. Enumerated below are the namespaces you will find in the different rules editing contexts: l RADIUS Namespace - Dictionaries in the RADIUS namespace come pre-packaged with the product. The administration interface does provide a way to add new dictionaries into the system (See "RADIUS Dictionaries " on page 301 for more information). RADIUS namespace has the notation RADIUS:Vendor, where Vendor is the name of the Company that has defined attributes in the dictionary. Sometimes, the same vendor has multiple dictionaries, in which case the "Vendor" portion has the name suffixed by the name of device or some other unique string. IETF is a special vendor for the dictionary that holds the attributes defined in the RFC 2865 and other associated RFCs. Policy Manager comes pre-packaged with a number of vendor dictionaries. Some examples of dictionaries in the RADIUS namespace are: RADIUS:IETF, RADIUS:Cisco, RADIUS:Juniper. RADIUS namespace appears in the following editing contexts: n Service rules: All RADIUS namespace attributes that can appear in a request (the ones marked with the IN or INOUT qualifier) n RADIUS Enforcement profiles: All RADIUS namespace attributes that can be send back to a RADIUS client (the ones marked with the OUT or INOUT qualifier) n Role mapping policies n Policy simulation attributes n Post-proxy attribute pruning rules n Filter rules for Access Tracker and Activity Reports l Posture Namespace - Dictionaries in the posture namespace come pre-packaged with the product. The administration interface does provide a way to add new dictionaries into the system (See "Posture Dictionaries " on page 302 for more information.) Posture namespace has the notation Vendor:Application, where Vendor is the name of the Company that has defined attributes in the dictionary, and Application is the name of the application for which the attributes have been defined. The same vendor typically has different dictionaries for different applications. Some examples of dictionaries in the posture namespace are: ClearPass:LinuxSHV, Microsoft:SystemSHV, Microsoft:WindowsSHV Trend:AV. Posture namespace appears in the following editing contexts: n Internal posture policies conditions - Attributes marked with the IN qualifier n Internal posture policies actions - Attributes marked with the OUT qualifier n Policy simulation attributes n Filter rules for Access Tracker and Activity Reports l Authorization Namespaces - Policy Manager supports a number of types of authorization sources. Authorization sources from which values of attributes can be retrieved to create role mapping rules have their own separate namespaces (prefixed with Authorization:). They are: n Authorization - The authorization namespace has one attribute: sources. The values are prepopulated with the authorization sources defined in Policy Manager. Use this to check for the authorization source(s) from which attributes were extracted for the authenticating entity. n AD Instance Namespace - For each instance of an Active Directory authentication source, there is an AD instance namespace that appears in the rules editing interface. The AD instance namespace consists of all the attributes that were defined when the authentication source was created. These attribute names are prepopulated in the UI for administrative convenience. For Policy Manager to fetch the values of attributes from 342 Dell Networking W-ClearPass Policy Manager 6.0 | User Guide