Reference Guide

ManualsBrandsDell ManualsAccess PlatformsW-ClearPass Virtual Appliances

Component Service:

component ratio

Description

Some Services (for example, TACACS+) contain internal

authentication methods; in such cases, Policy Manager does

not make this tab available.

B - Authentication Source Zero or more per

service

An Authentication Source is the identity repository against

w hich Policy Manager verifies identity. It supports these

Authentication Source types:

l Mi crosoft Active Directory

l and LDAP compliant directory

l RSA or other RADIUS-based token servers

l SQL database, including the local user store.

l Static Host Lists, in the case of M AC-based Authentication

of managed devices.

C - Authorization Source One or more per

Authentication

Source and zero or

m ore per service

An Authorization Source collects attributes for use in Role

Mappi ng Rules. You specify the attributes you w ant to collect

w hen you configure the authentication source. Policy

Manager supports the followi ng authorization source types:

l Mi crosoft Active Directory

l any LDAP compliant dir ectory

l RSA or other RADIUS-based token servers

l SQL database, including the local user store.

C - Role Mapping Policy Zero or one per

service

Policy Manager evaluates Requests against Role Mapping

Policy rules to match Clients to Role(s). All rules are evaluated

and Policy Manager may return more than one Role. If no

rul es match, the request takes the configured Default Role.

Some Services (for example, MAC-based Authentication) may

handl e role mapping differently:

l For MAC-based Authentication Services, where role

i nformation is not available from an authentication source,

an Audit Server can determine role by applying post-audit

rul es against the client attributes gathered during the

audi t.

D - Internal Posture Policies Zero or more per

service

An Internal Posture Policy tests Requests against internal

Posture rules to assess health. Posture rule conditions can

contain attributes present in vendor-specific posture

di ctionaries.

E - Posture Servers Zero or more per

service

Posture servers evaluate client health based on specified

vendor-specific posture credentials, typically posture

credential s that cannot be evaluated internally by Policy

Manager (that is, not by internal posture policies).

Curr ently, Policy Manager supports two forms of posture

server interfaces: HCAP, RADIUS, and GAMEv2 posture

servers.

F - Audit Ser vers Zero or more per

service

Audit servers evaluate the health of clients that do not have an

Dell Networking W-ClearPass Policy Model 6.0 | An Introduction 3