Users Guide
Dell Networking W-ClearPass Policy Manager 6.2 | User Guide 46
Chapter 5
Policy Manager Policy Model
From the point of view of network devices or other entities that need authentication and authorization services, Policy
Manager appears as a RADIUS, TACACS+ or HTTP/S based Authentication server; however, its rich and extensible
policy model allows it to broker security functions across a range of existing network infrastructure, identity stores,
health/posture services and client technologies within the Enterprise.
Refer to the following topics for additional information.
l "Services Paradigm" on page 46
n "Viewing Existing Services " on page 49
n "Adding and Removing Services " on page 49
n "Links to Use Cases and Configuration Instructions " on page 50
l "Policy Simulation" on page 52
n "Add Simulation Test" on page 53
n "Import and Exporting Simulations " on page 58
Services Paradigm
Services are the highest level element in the Policy Manager policy model. They have two purposes:
l Unique Categorization Rules (per Service) enable Policy Manager to test Access Requests (“Requests”) against
available Services to provide robust differentiation of requests by access method, location, or other network vendor-
specific attributes.
Policy Manager ships configured with a number of basic Service types. You can flesh out these Service types, copy
them for use as templates, import other Service types from another implementation (from which you have previously
exported them), or develop new Services from scratch
l By wrapping a specific set of Policy Components, a Service can coordinate the flow of a request, from
authentication, to role and health evaluation, to determination of enforcement parameters for network access.
The following image illustrates and describe the basic Policy Manager flow of control and its underlying architecture.