Super Contributor I
Posts: 303
Registered: ‎02-07-2013

Why cache SQL auth source results for 10 hours?

Here's a question for you:-

I needed to link our ClearPass service into an existing quarantine solution used by our FreeRADIUS service. I did this by having a separate MySQL mac_address table with a field that identifies whether a device is quarantined or not, and creating an authentication source that does "select count(*) from .... where <mac address is quarantined>"

This returns a 0 if not quarantined and 1 if quarantined. I then use this to set a Quarantine role which is used in my enforcement policy.

Problem is that there is a default caching policy of 10 hours on a generic SQL auth source ... 10 HOURS!

Why 10 hours? That's a hell of a long time. I know you can change it for a given auth source object, but a cursory glance at the default makes you think it's 3600 seconds, i.e. an hour.

Rgds

A


Guru Elite
Posts: 8,637
Registered: ‎09-08-2010

Re: Why cache SQL auth source results for 10 hours?

I don't think there is a specific reason why that is the default. The expectation is that you would change it depending on the use case.


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
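
The effect discussed in this thread, as an added example that is not part of the original posts and is not ClearPass code: a toy per-MAC result cache sits in front of the quarantine lookup, and the function measures how long a newly quarantined device keeps its old role. Assumptions: SQLite stands in for MySQL, the column names `mac` and `quarantined` are hypothetical, the MAC address is constructed, and the device re-authenticates every 10 minutes.

```python
import sqlite3

# Column names are assumed; the thread only names the mac_address table.
QUERY = "SELECT COUNT(*) FROM mac_address WHERE mac = ? AND quarantined = 1"


class CachedAuthSource:
    """Toy model of an auth source that caches lookup results per MAC."""

    def __init__(self, db, ttl_seconds):
        self.db, self.ttl, self.cache = db, ttl_seconds, {}

    def role_for(self, mac, now):
        hit = self.cache.get(mac)
        if hit is None or now - hit[0] >= self.ttl:
            # Cache miss or expired entry: ask the database again.
            count = self.db.execute(QUERY, (mac,)).fetchone()[0]
            hit = (now, count)
            self.cache[mac] = hit
        return "Quarantine" if hit[1] else "Normal"


def stale_window(ttl_seconds, quarantine_at, reauth_every=600, horizon=40000):
    """Seconds between the DB flagging a device and its role changing."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE mac_address (mac TEXT PRIMARY KEY, quarantined INTEGER)")
    mac = "00:11:22:33:44:55"  # constructed sample address
    db.execute("INSERT INTO mac_address VALUES (?, 0)", (mac,))
    src = CachedAuthSource(db, ttl_seconds)
    flagged = False
    for now in range(0, horizon, reauth_every):  # one re-auth per step
        if not flagged and now >= quarantine_at:
            # The external quarantine system flags the device.
            db.execute("UPDATE mac_address SET quarantined = 1 WHERE mac = ?", (mac,))
            flagged = True
        if src.role_for(mac, now) == "Quarantine":
            return now - quarantine_at
    return None  # role never changed within the simulated horizon


if __name__ == "__main__":
    for ttl in (36000, 3600, 300):
        print(f"cache timeout {ttl:>5}s -> stale for {stale_window(ttl, 900)}s")
```

With the cache timeout below the re-authentication interval, the remaining delay is set by how often the device re-authenticates rather than by the cache.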