Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Monitoring only vs Enforced

This thread has been viewed 1 times

  • 1.  Monitoring only vs Enforced

    Posted Jun 26, 2018 10:45 AM

    I have a customer requirement to be able to define some policies as monitor only, and others as enforced. I cannot find a way to accomplish that. 

    - The option for monitor only is available only for 4 components in a posture policy. The others do not have this option.

    - At any case, the customer require to be able to define per each low level policy if it is monitor only or enforced. 

    - I thought I could use 2 different posture policies in the web auth service, and then use the enf rules, but turns out that if you put multiple posture policies in one service, there is only one winning. The other ones are not applied. 



  • 2.  RE: Monitoring only vs Enforced

    EMPLOYEE
    Posted Jun 26, 2018 10:47 AM
    What authentication method?


  • 3.  RE: Monitoring only vs Enforced

    Posted Jun 26, 2018 10:51 AM

    Webauth no authentication. 

     

    Just occured to me that if there no simple solution, I can create a state machine. Check an atribute of the endpoint - then after the compliance check will change tha value of this arrtibute to 2. Then change back and so forth.