AAA, NAC, Guest Access & BYOD

How to Create a Web Auth Service on CPPM to check health for Windows clients

Introduction :

 

This article talks about creating a Web Authentication service on CPPM to do health checks for clients.

 

Environment : This applies to CPPM 6.2 and greater

 

Configuration Steps : Prerequisites

The Quick Connect application must be installed on the client machine. This can be pushed to the clients by a third party source or hosted over a Internal web page.


Configuration on CPPM:


Login to CPPM and navigate to "Configuration » Posture » Posture Policies" and create a new Posture Policy.

User-added image



We can fill the details as shown above and configure the Posture plugin based on our requirement. In this example we will restrict to Windows 7 only and disable the USB port on it. Below are the steps to enable this.

Navigate to "Posture Plugin" tab and configure the "ClearPass Windows Universal System Health Validator" and enable check for windows 7.


User-added image

Similarly we have more options to do a health check based on our requirements



User-added image



User-added image


The above option "Disable USB Mass Storage Device" will disable the USB port on the Windows 7 machine if a Mass Storage device is plugged into it.

Add Rules as shown below.


User-added image



Save the Posture Policy as shown below.


User-added image


Now navigate to "Configuration » Start Here" and select the "Web-based Health Check Only" template.



User-added image



Selecting the above option will create a service as shown below.

Enable "Posture Compliance" by checking the check box.



User-added image



Under Posture section, select the posture policy we created.


User-added image



Select the default Enforcement Policy and save the Service.



User-added image



NOTE: We can also customize this bases on our requirements. Below is an example.


We can create a new Enforcement Profile as shown below and then map it to a Enforcement Policy.

User-added image



Similarly we can create a new profile for non healthy user and them map them to our Policy.


User-added image





 

 

Version History
Revision #:
1 of 1
Last update:
‎07-08-2014 03:02 PM
Updated by:
 
Labels (1)
Contributors
Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.