Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Video demo of new ClearPass Exchange

This thread has been viewed 1 times

  • 1.  Video demo of new ClearPass Exchange

    Posted Mar 20, 2014 03:16 PM

    Another new feature of ClearPass 6.3 is the ability to specify HTTP enforcement actions for Endpoint Context Servers in addition to any RADIUS enforcement already specified. This allows ClearPass to integrate with a variety of web-services enabled systems and leverage the context gathered during network authentication to trigger additional activity. This new capability to integrate with web-services enabled systems is called ClearPass Exchange.

     

    This was showcased at Airheads 2014 where we leveraged RESTful APIs to talk with a mobile device management solution to trigger new actions as well as remediation when a jailbroken device attempted to connect to the network. We used the native push messaging capabilities of the MDM solution to notify the user or this policy violation and leveraged a further integration with the carrier to send a voice message to the user as well. Lastly, our scenario auto-populated a new helpdesk ticket to inform IT of what had happened and what was done. A new video was created to help demonstrate how to use this new Exchange functionality in ClearPass.  

     

    The video can be found here. Take a look and feel free to share your thoughts and/or experiences leveraging this new capability within your network to create new automated workflows.



  • 2.  RE: Video demo of new ClearPass Exchange

    EMPLOYEE
    Posted Mar 20, 2014 03:22 PM

    Did I also see that it can pass user credentials from the network to a Palo Alto firewall?

     



  • 3.  RE: Video demo of new ClearPass Exchange

    Posted Mar 20, 2014 03:28 PM

    Yes - we have a separate integration with Palo Alto Networks, leveraging an API they recently opened in their OS. The integration with PAN is different in that we are pushing UserID and DeviceID information to them to allow them to leverage in their Policy Engine. What this allows them to do is leverage the ability of CPPM to integrate with multiple ID stores (instead of just AD) and resolve user id information that they didn't see before, as well as leverage our device profiling capabilities to incorporate device details into the Policy Engine (instead of just IP addresses). We have a separate tech note about the integration, which you can find here.

     

     



  • 4.  RE: Video demo of new ClearPass Exchange

    EMPLOYEE
    Posted Mar 20, 2014 03:29 PM

    Thank you.  Integration with Box is awesome!