Dell Powerconnect W-ClearPass Hardware Appliances W-ClearPass Policy Manager 6 - Page 89

Chapter 12 Services The Policy Manager policy model groups policy components that serve a particular type of request into Services, which sit at the top of the policy hierarchy. Refer to the following sections for more detailed information: l "Architecture and Flow " on page 89 l "Start Here Page " on page 90 l "Policy Manager Service Types" on page 92 l "Services " on page 101 n "Adding Services " on page 102 n "Modifying Services " on page 104 n "Reordering Services " on page 106 Architecture and Flow Architecturally, Policy Manager Services are: l Parents of their policy components, which they wrap (hierarchically) and coordinate in processing requests. l Siblings of other Policy Manager Services, within an ordered priority that determines the sequence in which they are tested against requests. l Children of Policy Manager, which tests requests against their Rules, to find a matching Service for each request. The flow-of-control for requests parallels this hierarchy: l Policy Manager tests for the first Request-to-Service-Rule match l The matching Service coordinates execution of its policy components l Those policy components process the request to return Enforcement Profiles to the network access device, and, optionally, posture results to the client. There are two approaches to creating a new Service in Policy Manager: l Bottom-Up Approach - Create all policy components (Authentication Method, Authentication Source, Role Mapping Policy, Posture Policy, Posture Servers, Audit Servers, Enforcement Profiles, Enforcement Policy) first, as needed, and then create the Service from using Service creation Wizard. l Top-Down Approach - Start with the Service creation wizard, and create the associated policy components as and when you need them, all in the same flow. Dell Networking W-ClearPass Policy Manager 6.0 | User Guide 89