Users Guide
Dell Networking W-ClearPass Policy Manager 6.3 | User Guide Policy Manager Policy Model | 71
Chapter 5
Policy Manager Policy Model
From the point of view of network devices or other entities that need authentication and authorization services, Policy
Manager appears as a RADIUS, TACACS+ or HTTP/S based Authentication server; however, its rich and extensible
policy model allows it to broker security functions across a range of existing network infrastructure, identity stores,
health/posture services and client technologies within the Enterprise.
For more information, see:
l "Services Paradigm" on page 71
l "Policy Simulation" on page 77
Services Paradigm
Services are the highest level element in the Policy Manager policy model. They have two purposes:
Unique Categorization Rules (per Service) enable Policy Manager to test Access Requests (“Requests”) against
available Services to provide robust differentiation of requests by access method, location, or other network vendor-
specific attributes.
Policy Manager ships configured with a number of basic Service types. You can flesh out these Service types, copy
them for use as templates, import other Service types from another implementation (from which you have previously
exported them), or develop new Services from scratch.
By wrapping a specific set of Policy Components, a Service can coordinate the flow of a request, from authentication,
to role and health evaluation, to determination of enforcement parameters for network access.
For more information, see:
l "Viewing Existing Services" on page 75
l "Adding and Removing Services" on page 75
l "Links to Use Cases and Configuration Instructions" on page 76
The following image and table illustrate and describe the basic Policy Manager flow of control and its underlying
architecture.