Mismatch in Airwatch endpoint security attributes after upgrade to 6.6.1 and above

By esupport posted Jan 03, 2018 06:43 AM


After upgrade to 6.6.1 from lower versions, a mismatch is noticed between security endpoint attributes in AirWatch and ClearPass


Below is an example of a client which shows the encryption is enabled which is one of the security attributes in AirWatch.




However, in ClearPass when we compared the security attribute for the client in ClearPass 6.5.x and ClearPass 6.6.5, we see a mismatch in value for attribute : Encryption Enabled which is a security attribute in AirWatch.






As seen from the screenshot seen in AirWatch, we see under the security tab, that encryption is enabled. We see a mismatch in ClearPass 6.6.5 for this value whereas we see the correct value for attribute :Encryption Enabled in 6.5.7


From 6.6.1, secondary polling of endpoint details to grab additional endpoint policy data from AirWatch was made optional to improve the performance. By default the value is false which means ClearPass will not poll additional attributes of endpoint from AirWatch from 6.6.1.


In order to fetch additional endpoint attributes like security attributes of endpoints from AirWatch, enable the option: Enable to fetch Endpoint Security Info under Administration->External Servers->Endpoint Context Servers for AirWatch. 



On enabling this option, ClearPass will poll security attributes of endpoint  from AirWatch. This value will be corrected in 6.7 to remain as TRUE by default therefore on upgrading to 6.7, option: Enable to fetch Endpoint Security would be enabled by default and can manually be disabled if it's not required.