Security

Hello, im configuring something simple.

A guest portal which does a verification just if its has a antivirus or not

This work great for Windows, MACOS 

But if i try to connect an android it says that its not suppported.   Im aware is not supported but there is a way to not to scan in the same SSID the android devices?, i mean  not to scan the android devices but to scan the windows and mac os deivces?

Cheers

Carlos

Why not use the endpoint DB as an authz source and then use logic like:

IF DEVICE TYPE = Computer AND OS FAMILY MATCHES_ANY WIndows/OSX, then send back the role for the OnGuard portal.

For everything else, just hand out a restricted role that will allow what you require based on policy.

It doesnt matter that on the SSID on the selft registration i got  Require a successful OnGuard health check?

Sorry i just kind of lost with clearpass i have been doing really simple things so far.

Cheers

Carlos

You will need to create two captive portals. One with OnGuard and one without. In the controller you will then setup two roles so when the device first connects it will get a role based on the device type. You will need to create that rule in the service.

Here is an example of my MDM service. You will need to do the opposite just like Seth suggested.

Thank you