Manualshelf

Users Guide

ManualsBrandsDell ManualsAccess PlatformsW-ClearPass Virtual Appliances
141142143144145146147148149150
Dell Networking W-ClearPass Policy Manager 6.2 | User Guide 150
Chapter 10
Posture
Policy Manager provides several posture methods for health evaluation of clients requesting access. These methods all
return Posture Tokens (E.g., Healthy, Quarantine) for use by Policy Manager for input into Enforcement Policy. One or
more of these posture methods may be associated with a Service.
Posture Architecture and Flow
Policy Manager supports three different types of posture checking:
l Posture Policy. Policy Manager supports four pre-configured posture plugins for Windows, one plugin for Linux
®
and one plugin for Mac OS
®
X, against which administrators can configure rules that test for specific attributes of
client health and correlate the results to return Application Posture Tokens for processing by Enforcement Policies.
l Posture Server. Policy Manager can forward all or part of the posture data received from the client to a Posture
Server. The Posture Server evaluates the posture data and returns Application Posture Tokens. Policy Manager
supports the Microsoft NPS Server for Microsoft NAP integration.
l Audit Server. Audit Servers provide posture checking for unmanageable devices (i.e., devices lacking adequate
posture agents or supplicants); in the case of such clients, the audit server’s post-audit rules map clients to roles.
Policy Manager supports two types of Audit Servers: NMAP audit server, primarily to derive roles from post-audit
rules; NESSUS audit server, primarily used for vulnerability scans (and, optionally, post-audit rules).
Figure 116 Posture Evaluation Process
Policy Manager uses posture evaluation to assess client consistency with enterprise endpoint health policies,
specifically with respect to:
l Operating system version/type