Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

I want to redirect user to Specific URL if they are not Healthy on Clearpass ongaurd?

This thread has been viewed 5 times

  • 1.  I want to redirect user to Specific URL if they are not Healthy on Clearpass ongaurd?

    Posted Sep 12, 2015 12:10 PM

    I want to redirect unhealthy client to URL of my antivirus

     

    For example :

     

    PC connected doesnot have Norton Installed so I want to redirect him to :

     

    http://10.10.10.10/norton.exe

     

    PC connected doesnot have Corporate software insatlled

     

    redirect to :

     

    http://10.10.10.10/corporate software

     

    how can I achive this ?



  • 2.  RE: I want to redirect user to Specific URL if they are not Healthy on Clearpass ongaurd?

    Posted Sep 12, 2015 02:39 PM
    Create a new captive portal redirect role and have ClearPass send that role back as a CoA after being quarantined


  • 3.  RE: I want to redirect user to Specific URL if they are not Healthy on Clearpass ongaurd?

    Posted Sep 12, 2015 02:42 PM
    however, due to a lack of onguard granularity, it will be difficult to determine what caused the change of posture status (lack of Norton vs corporate software). I entered a feature request last month for that. In the meantime, I suggest having one remediation page with links to everything the user might need to get healthy.


  • 4.  RE: I want to redirect user to Specific URL if they are not Healthy on Clearpass ongaurd?

    EMPLOYEE
    Posted Sep 12, 2015 02:48 PM

    You can definitely get specific down to individual policies:

     

    posture-antivirus.JPG



  • 5.  RE: I want to redirect user to Specific URL if they are not Healthy on Clearpass ongaurd?

    Posted Sep 12, 2015 03:13 PM

    The Thing is I'm not doing this on Aruba Controller or wireless I'm doing this on HP wired



  • 6.  RE: I want to redirect user to Specific URL if they are not Healthy on Clearpass ongaurd?

    EMPLOYEE


  • 7.  RE: I want to redirect user to Specific URL if they are not Healthy on Clearpass ongaurd?

    Posted Sep 12, 2015 06:21 PM
    yeah, but you don't have the granularity within the same policy. The logic for assigning a token needs more than just "one or more"


  • 8.  RE: I want to redirect user to Specific URL if they are not Healthy on Clearpass ongaurd?

    EMPLOYEE
    Posted Sep 13, 2015 01:04 PM

    You can use different enforcement policies independent of the posture token. Just think of the posture token as high level posture status.

     

    posture-av-enf.JPG

     

    posture-av-install-radius.JPG



  • 9.  RE: I want to redirect user to Specific URL if they are not Healthy on Clearpass ongaurd?

    Posted Sep 13, 2015 04:58 PM
    Can you give an example?


  • 10.  RE: I want to redirect user to Specific URL if they are not Healthy on Clearpass ongaurd?

    EMPLOYEE
    Posted Sep 13, 2015 04:59 PM

    There are screenshots above.



  • 11.  RE: I want to redirect user to Specific URL if they are not Healthy on Clearpass ongaurd?

    Posted Sep 14, 2015 09:25 AM
    Sorry. They didn't show up on the Airheads app. Thanks!


  • 12.  RE: I want to redirect user to Specific URL if they are not Healthy on Clearpass ongaurd?

    Posted Sep 14, 2015 01:26 PM

    The granularity I was referring to was within the same posture category. For instance, say I am looking for two different Windows services, Service A and Service B. I don't think it is possible for me to specify in the enforcement policy to treat failure of Service A differently from service B failure.