Users Guide
Dell Networking W-ClearPass Policy Manager 6.6 | User Guide Posture | 279
Chapter 6
Posture
This chapter provides the following information:
l Posture Architecture and Flow
l Creating a New Posture Policy
l Configuring Posture Policy Agents and Hosts
l Configuring Posture Policy Plug-ins
l Configuring Posture Policy Rules
l Configuring Posture for Services
l Configuring Audit Servers
l Unified Agent System Tray Status Icons
Posture Architecture and Flow
This section provides the following information:
l Posture Policy
l Audit Servers
l Assessing Client Consistency
l Application Token
l System Token
Policy Manager supports two types of posture checking: posture policies and audit servers.
Posture Policy
Policy Manager supports four pre-configured posture plug-ins for Windows, one plug-in for Linux
®
, and one
plug-in for Mac OS
®
X, against which administrators can configure rules that test for specific attributes of client
health and correlate the results to return application posture tokens for processing by enforcement policies.
A service can also be configured without any posture policy.
Audit Servers
Audit servers provide posture checking for unmanageable devices, such as devices lacking adequate posture
agents or supplicants. In the case of such clients, the audit server’s post-audit rules map clients to roles.
Policy Manager supports two types of audit servers:
l NMAP audit server: Primarily used to derive roles from post-audit rules.
l NESSUS audit server: Primarily used for vulnerability scans (and, optionally, post-audit rules).