Security

Reply
New Contributor
Posts: 3
Registered: ‎02-03-2015

Clearpass and Context Servers, can you retrieve attributes?

[ Edited ]

I'm playing around with adding my Filewave MDM server into ClearPass as a Context Endpoint Server. The File wave server support RESTful JSON web based queries and such.

 

I see where I can set up a "send" message to notify Filewave of information about my clinet, however, I would like to query the filewave server from clear pass and store the results as attributes that I can manipulate for enforcement polices.

 

I can send the FIlewave server the MAC address of the attaching client.

Filewave returns the machine type, OS version, if the device has been stolen or other information.

I would like to take that JSON result and store each attribute and do some enforcement on it.

 

Bascially, I just want to send out some JSON and store the returning JSON data and do some stuff with it.

 

Is this possible?

Moderator
Posts: 477
Registered: ‎11-09-2012

Re: Clearpass and Context Servers, can you retrieve attributes?

Today the CPPM Exchange Framework is OUTBOUND. Its one of the items we are looking at developing in the future.

 

If the Filewave offer a SQL interface we could look at using SQL to grab the data?


Best Regards
-d

Snr Tech Marketing Engineer - ClearPass

-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.
New Contributor
Posts: 3
Registered: ‎02-03-2015

Re: Clearpass and Context Servers, can you retrieve attributes?

The Filewave database is a Postgresql DB and they do support direct ODBC access.

 

That was going to be my next path to go down. Thoughts and suggestions would be appreciated.

Moderator
Posts: 477
Registered: ‎11-09-2012

Re: Clearpass and Context Servers, can you retrieve attributes?

OK... Its not something I can put in an email but........

 

You'll need to add the MDM as an authentication source to start with. You'll need your port#, DB name, Login Name etc. and hopefully the DB has been opened up to allowing ODBC queries.....

 

Then your going to have to craft a SQL statement to return what ever attributes you require and want to check....

 

SELECT FROM XXXXX AS 'MDMPOLICY' FROM MY_DB WHERE BLAH BLAH BLAH BLAH OR BLAH BLAH BLAH OR BLAH BLAH AND BLAH BLAH

 

 

Add the this new Auth Source to your service....

 

Maybe add this also as an Authz source and then define a role  'MDMPOLICY'  = 'XXX' set a ROLE of 'MDM Enrolled'....

 

Some ideas.......

 

HTH...!!!!

 


Best Regards
-d

Snr Tech Marketing Engineer - ClearPass

-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.
New Contributor
Posts: 3
Registered: ‎02-03-2015

Re: Clearpass and Context Servers, can you retrieve attributes?

That's how I thought it would work.

 

Thanks,

 

Chris

Moderator
Posts: 477
Registered: ‎11-09-2012

Re: Clearpass and Context Servers, can you retrieve attributes?

[ Edited ]

Chris,

 

I'm keen to explore this a little deper with you.

 

 

Please email me at danny@arubanetworks.com when you have time.


Best Regards
-d

Snr Tech Marketing Engineer - ClearPass

-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.
Search Airheads
Showing results for 
Search instead for 
Did you mean: