Administrator Guide
Table Of Contents
- About W‑ClearPass Policy Manager
- Services
- Services Architecture and Flow
- Creating Service Templates
- Viewing the List of Services
- Viewing Existing Services
- Adding and Removing Services
- Reordering Services
- 802.1X Wired, 802.1X Wireless, and Dell 802.1X Wireless
- Auto Sign-On
- Dell VPN Access with Posture Checks
- Certificate/Two-Factor Authentication for W‑ClearPass Application Login
- W‑ClearPass Admin Access
- W‑ClearPass Admin SSO Login (SAML SP Service)
- W‑ClearPass Identity Provider (SAML IdP Service)
- Device MAC Authentication
- EDUROAM Service
- Encrypted Wireless Access via 802.1X Public PEAP method
- Guest Access
- Guest Access Web Login
- Guest Authentication with MAC Caching
- Guest Social Media Authentication
- OAuth2 API User Access
- Onboard
- Policy Manager Service Types
- 802.1X Wired
- 802.1X Wired - Identity Only
- Dell 802.1X Wireless
- 802.1X Wireless - Identity Only
- Dell 802.1X Wireless
- Cisco Web Authentication Proxy
- MAC Authentication
- RADIUS Authorization
- RADIUS Enforcement (Generic)
- RADIUS Proxy
- Dell W-Series Application Authentication
- Dell W-Series Application Authorization
- W‑ClearPass OnConnect Enforcement
- Event-Based Enforcement
- TACACS+ Enforcement
- Web-based Authentication
- Web-based Health Check Only
- Web-based Open Network Access
- Monitoring
- Live Monitoring: Access Tracker
- Live Monitoring: Accounting
- Modifying the Accounting Page Parameters
- RADIUS Accounting Details > Summary Tab
- RADIUS Accounting Record Details > Auth Sessions Tab
- RADIUS Accounting Record Details > Utilization Tab
- RADIUS Accounting Record Details > Details Tab
- TACACS+ Accounting Record Details > Request Tab
- TACACS+ Accounting Record Details > Auth Sessions Tab
- TACACS+ Accounting Record Details > Details Tab
- Live Monitoring: OnGuard Activity
- Live Monitoring: Analysis and Trending
- Live Monitoring: System Monitor
- Profiler and Discovery
- Profiler and Discovery: Endpoint Profiler
- Profiler and Discovery: Network Discovery
- Audit Viewer
- Event Viewer
- Data Filters
- Restoring Blacklisted Users to the Network
- Authentication and Authorization
- Configuring Identity Settings
- Posture
- Configuring Enforcement
- Configuring Enforcement Policies
- Configuring Enforcement Profiles
- Adding an Enforcement Profile
- Modifying an Existing Enforcement Profile
- Agent Enforcement
- Aruba Downloadable Role Enforcement
- Aruba RADIUS Enforcement
- Cisco Downloadable ACL Enforcement
- Cisco Web Authentication Enforcement
- ClearPass Entity Update Enforcement
- CLI Based Enforcement
- Filter ID Based Enforcement
- Generic Application Enforcement
- HTTP Based Enforcement
- RADIUS Based Enforcement
- RADIUS Change of Authorization (CoA)
- Session Notification Enforcement
- Session Restrictions Enforcement
- SNMP Based Enforcement
- TACACS+ Based Enforcement
- VLAN Enforcement
- Configuring Policy Simulation
- W‑ClearPass Policy Manager Profile
- Network Access Devices
- Administration
- W‑ClearPass Guest Portal
- Managing Admin Users
- Managing Admin Privileges
- Server Configuration
- Manage Policy Manager Zones
- Log Configuration
- Local Shared Folders
- License Management
- SNMP Trap Receivers
- Syslog Targets
- Syslog Export Filters
- Messaging Setup
- Endpoint Context Servers
- Configuring Endpoint Context Server Actions
- Adding Vendor-Specific Endpoint Context Servers
- Adding an AirWatch Endpoint Context Server
- Adding an AirWave Endpoint Context Server
- Adding an Aruba Activate Endpoint Context Server
- Adding a ClearPass Cloud Proxy Endpoint Context Server
- Adding a Google Admin Console Endpoint Context Server
- Adding a Generic HTTP Endpoint Context Server
- Integrating W‑ClearPass with Infoblox
- Integrating ClearPass with Juniper Networks SRX
- Adding a JAMF Endpoint Context Server
- Adding a MaaS360 Endpoint Context Server
- Adding a MobileIron Endpoint Context Server
- Adding a Palo Alto Networks Firewall Endpoint Context Server
- Adding a Palo Alto Networks Panorama Endpoint Context Server
- Adding an SAP Afaria Endpoint Context Server
- Adding a SOTI Endpoint Context Server
- Adding a XenMobile Endpoint Context Server
- File Backup Servers
- Server Certificate
- Certificate Trust List
- Certificate Revocation Lists
- Using ClearPass Dictionaries
- RADIUS Dictionary
- TACACS+ Services Dictionary
- Fingerprints Dictionary
- Dictionary Attributes
- Applications Dictionaries
- Updating Policy Manager Software
- OnGuard Settings
- OnGuard Global Agent Settings
- Contact Support
- Remote Assistance
- Cluster Upgrade/Update Tool
- Configuring Processing for Ingress Events
- W‑ClearPass Insight Reports
- About W‑ClearPass Insight
- About the Insight Dashboard
- Dashboard Overview
- Adding a Report Widget to the Dashboard Landing Page
- Removing a Report Widget from the Dashboard Landing Page
- Creating a Report or Alert From the Dashboard
- Specifying the Date Range for Data Collection
- Authentication Dashboard
- Endpoints Dashboard
- Guest Dashboard
- Network Dashboard
- Posture Dashboard
- System Dashboard
- System Monitor Dashboard
- Searching the Insight Database
- Creating Alerts
- Creating Reports
- Insight Report Categories Reference
- Administration Operations
- Managing Insight Admin Privileges
- Command Line Interface
- Cluster Commands
- Configure Commands
- Network Commands
- Miscellaneous Commands
- Service Commands
- Show Commands
- SSH Timed Account Lockout
- System Commands
- system apps-access-reset
- system boot-image
- system cleanup
- system create-api-client
- system gen-recovery-key
- system gen-support-key
- system install-license
- system morph-vm
- system refresh-license
- system reset-server-certificate
- system restart
- system shutdown
- system sso-reset
- system start-rasession
- system status-rasession
- system terminate-rasession
- system update
- system upgrade
- SNMP Private MIB, SNMP Traps, System Events, Error Codes
- W‑ClearPass SNMP Private MIB
- W‑ClearPass SNMP Traps and OIDs
- SNMP Trap Details
- SNMP Daemon Traps
- SNMP Daemon Trap Events
- Network Interface up and Down Events
- Network Interface Status Traps
- W‑ClearPass Processes Stop and Start Events
- Disk Space Threshold Traps
- Disk Utilization Threshold Exceed Events
- Process Status Traps
- CPU Load Average Exceed Events for 1, 5, and 15 Minute Thresholds
- CPU Load Average Traps
- Important System Events
- Admin User Interface Events
- Admin Server Events
- Async Service Events
- W‑ClearPass/Domain Controller Events
- W‑ClearPass System Configuration Events
- W‑ClearPass Update Events
- Cluster Events
- Command Line Events
- Database Replication Services Events
- Licensing Events
- Policy Server Events
- RADIUS/TACACS+ Server Events
- Service Names
- SNMP Events
- Support Shell Events
- System Auxiliary Service Events
- System Monitor Events
- Error Codes
- Use Cases
- OnGuard Dissolvable Agent
- Rules Editing and Namespaces
- Namespaces
- Application Namespace
- Audit Namespaces
- Authentication Namespaces
- Authorization Namespaces
- Certificate Namespaces
- Connection Namespaces
- Date Namespaces
- Device Namespaces
- Endpoint Namespaces
- Guest User Namespaces
- Host Namespaces
- Local User Namespaces
- Posture Namespaces
- RADIUS Namespaces
- TACACS Namespaces
- Tips Namespaces
- Variables
- Operators
- Namespaces
l Page-Name
l Provisioning-Settings-ID
l SAMLRequest
l SAMLResponse
l Session-Timeout
l User-Email-Address
Audit Namespaces
The dictionaries in the audit namespace come pre-packaged with the product. The Audit namespace has the
notation Vendor:Audit, where Vendor is the name of the company that has defined attributes in the dictionary.
Examples of dictionaries in the audit namespace are AvendaSystems:Audit or Qualys:Audit.
The Audit namespace appears when editing post-audit rules. See Audit Servers for more information.
The Avenda Systems:Audit namespace appears when editing post-audit rules for NESSUS and NMAP audit
servers.
The following figure displays the Audit Namespace attributes:
Attribute Name Values
Audit-Status l AUDIT_ERROR
l AUDIT_INPROGRESS
l AUDIT_SUCCESS
Device-Type Type of device returned by an NMAP port scan.
Output-Msgs The output message returned by Nessus plugin after a vulnerability scan.
Network-Apps String representation of the open network ports (http, telnet, etc.).
Mac-Vendor Vendor associated with MAC address of the host.
OS-Info OS information string returned by NMAP.
Open-Ports The port numbers of open applications on the host.
Table 447: Audit Namespace Attributes
Authentication Namespaces
The authentication namespace can be used in role mapping policies to define roles based on the type of
authentication method used or the status of the authentication.
Dell Networking W-ClearPass Policy Manager 6.6 | User Guide Rules Editing and Namespaces | 847