Administrator Guide

34 | About Dell Networking W-ClearPass Policy Manager | Dell Networking W-ClearPass Policy Manager 6.5 | User Guide
Policy Manager uses posture evaluation to assess client consistency with enterprise endpoint health policies,
specifically with respect to:
• Operating system version/type
• Registry keys/services present (or absent)
• Antivirus/antispyware/firewall configuration
• Patch level of different software components
• Peer-to-Peer (P2P) application checks
• Services to be running or not running
• Processes to be running or not running
Each configured health check returns an application token representing health:
• Healthy. Client is compliant: there are no restrictions on network access.
• Checkup. Client is compliant; however, there is an update available. This can be used to proactively remediate to healthy state.
• Transient. Client evaluation is in progress; typically associated with auditing a client. The network access granted is interim.
• Quarantine. Client is out of compliance; restrict network access so the client only has access to the remediation servers.
• Infected. Client is infected and is a threat to other systems in the network; network access should be denied or severely restricted.
• Unknown. The posture token of the client is unknown.
Upon completion of all configured posture checks, Policy Manager evaluates all application tokens and
calculates a system token, equivalent to the most restrictive rating for all returned application tokens. The
system token provides the health posture component for input to the enforcement policy.
A service can also be configured without any posture policy.
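The "most restrictive token wins" calculation described above, as an added Python sketch (not Policy Manager code). It assumes restrictiveness follows the order in which the tokens are listed, with Unknown ranked last, that unrecognized or missing check results count as Unknown, and that a service with no posture policy yields no posture component; all function names, check names, and access labels are hypothetical.

```python
from enum import IntEnum

class Token(IntEnum):
    # Assumption: rank follows the guide's listing order; UNKNOWN ranks highest (fail closed).
    HEALTHY = 0
    CHECKUP = 1
    TRANSIENT = 2
    QUARANTINE = 3
    INFECTED = 4
    UNKNOWN = 5

# Hypothetical access labels paraphrasing the token descriptions above.
ACCESS = {
    Token.HEALTHY: "full",
    Token.CHECKUP: "full",                # compliant, update available
    Token.TRANSIENT: "interim",
    Token.QUARANTINE: "remediation-only",
    Token.INFECTED: "deny",
    Token.UNKNOWN: "remediation-only",    # assumption: unknown posture is restricted
}

def parse_token(raw):
    """Map one health check result to a Token; anything unrecognized is UNKNOWN."""
    try:
        return Token[str(raw).strip().upper()]
    except KeyError:
        return Token.UNKNOWN

def system_token(app_tokens):
    """Most restrictive application token, or None when no posture policy is configured."""
    if app_tokens is None:
        return None
    if not app_tokens:
        return Token.UNKNOWN  # policy configured, but no check returned a result
    return max(parse_token(t) for t in app_tokens.values())

def posture_decision(app_tokens):
    """Return the system token, the resulting access, and the checks that drove it."""
    token = system_token(app_tokens)
    if token is None:
        return {"system_token": None, "access": "posture-not-evaluated", "failing": []}
    failing = sorted(name for name, t in app_tokens.items()
                     if token > Token.CHECKUP and parse_token(t) == token)
    return {"system_token": token.name, "access": ACCESS[token], "failing": failing}

# Constructed sample: results of four configured health checks for one client.
SAMPLE = {"antivirus": "Healthy", "patch_level": "Checkup",
          "p2p": "Quarantine", "firewall": "healthy "}

if __name__ == "__main__":
    print(posture_decision(SAMPLE))
```
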
Audit Servers
Audit Servers evaluate posture, role, or both, for unmanaged or unmanageable clients, such as clients that
lack an adequate posture agent or 802.1X supplicant. For example, printers, PDAs, or guest users
might not be able to send posture credentials or identify themselves. A Policy Manager Service can trigger an
audit by sending a client ID to a pre-configured audit server, and the server returns attributes for role mapping
and posture evaluation.
Audit servers are configured at a global level. Only one audit server can be associated with a service. The
flow-of-control of the audit process is shown in the figure.
For more information, see Configuring Audit Servers on page 285.