Users Guide

ManualsBrandsDell ManualsAccess PlatformsW-ClearPass Virtual Appliances

781

782

783

784

785

786

787

788

789

790

Alert Field Action/Description

Alert Name 1. Enter the name of the alert.

Description 2. Optionally, enter a summary description of the alert.

Category 3. Select the alert Category, then specify the desired alert type in the selected

category:

n Authentication

a. Failed Authentication

b. Total Authentication

n System

n TACACS

a. TACACS Commands

b. TACACS Failures

Notifications 4. Specify report notifications.

n Notify by Email. When you select this option, enter the list of email

addresses to be notified. The alert notification is sent whenever the trigger

threshold is met.

NOTE: Enabling Notify by Email is mandatory.

n Notify by SMS. When you select this option, enter the phone numbers of

each recipient. The alert notification is sent whenever the trigger threshold is

met.

NOTE: A warning message appears if you have not configured the SMTP mail

server for email notifications. To do so, from the Policy Manager, navigate to

Administration > External Servers > Messaging Setup.

Trigger Severity 5. From the Trigger Severity drop-down, select one of the following:

n Critical

n Warning

Trigger Threshold 6. Specify Threshold and Interval values as criteria for determining whether an

alert is necessary.

For example, if you specify the threshold as 25 and the interval as 15

minutes, once the threshold of 25 is met within 15 minutes, an alert is

triggered.

Trigger Interval 7. Specify the Interval, then select Minutes or Hours.

Alert Summary When you have configured the alert settings, the Alert Summary displays the

settings for your review.

8. Click Save.

Table 393: Create New Alert Parameters

Modifying the User Watchlist

A Watchlist is a list of VIPs, executives, and devices known to be problematic that are monitored for

authentication failures. W-ClearPass collects all user authentication status.

When W-ClearPass finds a user defined in the Watchlist that both fails to authenticate and also matches the

Watchlist triggers (severity, threshold, and interval), an alert notification is sent to the notification list via email

Dell Networking W-ClearPass Policy Manager 6.6 | User Guide W-ClearPass Insight Reports | 785