Manualshelf

Users Guide

ManualsBrandsDell ManualsAccess PlatformsW-ClearPass Virtual Appliances
51525354555657585960
Policy Component Illustrative Use Cases
Configuration
Instructions
Enforcement Policy and
Profiles
All Use Cases have an assigned Enforcement
Policy and corresponding Enforcement Rules.
l "Configuring
Enforcement Profiles "
on page 193
l "Configuring
Enforcement Policies
" on page 204
Policy Simulation
Once the policies have been set up, the Policy Simulation utility can be used to evaluate these policies - before
deployment. The Policy Simulation utility applies a set of request parameters as input against a given policy
component and displays the outcome, at: Configuration > Policy Simulation.
The following types of simulations are supported:
l Service Categorization - A service categorization simulation allows you to specify a set of attributes in the
RADIUS or Connection namespace and test which configured service the request will be categorized into. The
request attributes that you specify represent the attributes sent in the simulated request.
l Role Mapping - Given the service name (and associated role mapping policy), the authentication source and the
user name, the role mapping simulation maps the user into a role or set of roles. You can also use the role mapping
simulation to test whether the specified authentication source is reachable.
l Posture Validation - A posture validation simulation allows you to specify a set of posture attributes in the posture
namespace and test the posture status of the request. The posture attributes that you specify represent the attributes
sent in the simulated request.
l Audit - An audit simulation allows you to specify an audit server (Nessus- or NMAP-based) and the IP address of
the device you want to audit. An audit simulation triggers an audit on the specified device and displays the results.
l Enforcement Policy - Given the service name (and the associated enforcement policy), a role or a set of roles, the
system posture status, and an optional date and time, the enforcement policy simulation evaluates the rules in the
enforcement policy and displays the resulting enforcement profiles and their contents.
l Chained Simulation - Given the service name, authentication source, user name, and an optional date and time, the
chained simulation combines the results of role mapping, posture validation and enforcement policy simulations
and displays the corresponding results.
Figure 32 Policy Simulation
Dell Networking W-ClearPass Policy Manager 6.2 | User Guide 52