Users Guide
102 | Services Dell Networking W-ClearPass Policy Manager 6.6 | User Guide
Figure 64: Selecting the W-ClearPass OnConnect Enforcement Policy
From the Services > Add > Enforcement page, you can either select an existing enforcement policy or
create a new one.
2. From the Enforcement Policy drop-down list, select the appropriate OnConnect Enforcement policy.
a. If you have not configured an OnConnect-type Enforcement policy, click Add New Enforcement Policy
to create a new enforcement policy.
3. Specify the values for the remaining parameters as described in Table 39, then click Save.
Parameter Description
Use Cached Results 1. Select this check box to use cached roles and posture attributes from
previous sessions.
Enforcement Policy 2. From the drop-down list, select the preconfigured enforcement policy. This
is a mandatory step.
Enforcement Policy Details
Description Displays additional information about the selected enforcement policy.
Default Profile Displays a default profile applied by .
Rules Evaluation Algorithm Shows first matched rule and return the role or select all matched rules and
return a set of roles.
Table 39: Service Enforcement Page Parameters
Event-Based Enforcement Service
The Event-Based Enforcement service manages enforcement actions in response to threat-event
processing.
When there is a suspicious user, this user could represent a common DOS attack or some other threat. When a
threat is detected, W-ClearPass performs enforcement operations as configured; for example, executing a
change of authorization ( COA ) to disconnect a suspicious user from the network.
To add an event-based enforcement service:
1. Navigate to Configuration > Services.