Dell Powerconnect W-ClearPass Virtual Appliances W-ClearPass Policy Manager 6. - Page 51
Component, Service, ratio, Description, Rules. You specify the attributes you want to collect when
View all Dell Powerconnect W-ClearPass Virtual Appliances manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 51 highlights
Component Service: component ratio Description l any LDAP compliant directory l RSA or other RADIUS-based token servers l SQL database, including the local user store. l Static Host Lists, in the case of MAC-based Authentication of managed devices. CAuthorization Source One or more per Authentication Source and zero or more per service An Authorization Source collects attributes for use in Role Mapping Rules. You specify the attributes you want to collect when you configure the authentication source. Policy Manager supports the following authorization source types: l Microsoft Active Directory l any LDAP compliant directory l RSA or other RADIUS-based token servers l SQL database, including the local user store. C - Role Mapping Policy Zero or one per service Policy Manager evaluates Requests against Role Mapping Policy rules to match Clients to Role(s). All rules are evaluated and Policy Manager may return more than one Role. If no rules match, the request takes the configured Default Role. Some Services (for example, MAC-based Authentication) may handle role mapping differently: l For MAC-based Authentication Services, where role information is not available from an authentication source, an Audit Server can determine role by applying post-audit rules against the client attributes gathered during the audit. D - Internal Posture Policies Zero or more per service An Internal Posture Policy tests Requests against internal Posture rules to assess health. Posture rule conditions can contain attributes present in vendorspecific posture dictionaries. E - Posture Servers Zero or more per service Posture servers evaluate client health based on specified vendor-specific posture credentials, typically posture credentials that cannot be evaluated internally by Policy Manager (that is, not by internal posture policies). Currently, Policy Manager supports two forms of posture server interfaces: RADIUS, and GAMEv2 posture servers. F - Audit Servers Zero or more per service Audit servers evaluate the health of clients that do not have an installed agent, or which cannot respond to Policy Manager interactions. Audit servers typically operate in lieu of authentication methods, authentication sources, internal posture policies and posture server. In addition to returning posture tokens, Audit Servers can contain post-audit rules that map results from the audit into Roles. GEnforcement Policy One per service (mandatory) Policy Manager tests Posture Tokens, Roles, system time and other contextual attributes against Enforcement Policy rules to return one or more matching Enforcement Policy Profiles (that define scope of access for the client). HEnforcement Profile One or more per service Enforcement Policy Profiles contain attributes that define a client's scope of access for the session. Policy Manager returns these Enforcement Profile attributes to the switch. Dell Networking W-ClearPass Policy Manager 6.0 | User Guide 51