Security

I'm currently using a "belongs-to" lit of comma delimited UserNames as part of a service selection. This is o.k for small number of users but is  a bit  of a pain as the number of users increase. Can';t use a regex  and  the "belongs to group" option in't available.

1).Can someone remind me how to make a enhsncement request

2). Anyyone suggest  another way of using long list of  usernames  as pasrt of a service selection ?
Rgds
Alex

------------------------------
Alex Sharaz
------------------------------

What is this use case? Complex service rules are not recommended in busy environments.

------------------------------
Tim C
------------------------------

Original Message:
Sent: Mar 30, 2021 06:50 AM
From: Alex Sharaz
Subject: CPPM Servce selection using UserName

I'm currently using a "belongs-to" lit of comma delimited UserNames as part of a service selection. This is o.k for small number of users but is  a bit  of a pain as the number of users increase. Can';t use a regex  and  the "belongs to group" option in't available.

1).Can someone remind me how to make a enhsncement request

2). Anyyone suggest  another way of using long list of  usernames  as pasrt of a service selection ?
Rgds
Alex

------------------------------
Alex Sharaz
------------------------------

We have a TACACS service for our switch estate. Issue is whole range of silly authentication attempts to access our switches. Wanted to have a service for valid users ( local users defined in clearpass) and a default deny all tacacs requests for all the silly stuff. That way if we generate a report on successful /failed auths based upon service, the silly auth attempts don’t skew the results for real valid users

A


Original Message:
Sent: 3/30/2021 9:17:00 AM
From: timms
Subject: RE: CPPM Servce selection using UserName

What is this use case? Complex service rules are not recommended in busy environments.

------------------------------
Tim C
------------------------------

Original Message:
Sent: Mar 30, 2021 06:50 AM
From: Alex Sharaz
Subject: CPPM Servce selection using UserName

I'm currently using a "belongs-to" lit of comma delimited UserNames as part of a service selection. This is o.k for small number of users but is  a bit  of a pain as the number of users increase. Can';t use a regex  and  the "belongs to group" option in't available.

1).Can someone remind me how to make a enhsncement request

2). Anyyone suggest  another way of using long list of  usernames  as pasrt of a service selection ?
Rgds
Alex

------------------------------
Alex Sharaz
------------------------------

I'd recommend you do that filtering in your report instead of in the service. You can just apply a tag (TIPS role) and then use that in your report filter.

------------------------------
Tim C
------------------------------

Original Message:
Sent: Mar 31, 2021 03:47 AM
From: Alex Sharaz
Subject: CPPM Servce selection using UserName

We have a TACACS service for our switch estate. Issue is whole range of silly authentication attempts to access our switches. Wanted to have a service for valid users ( local users defined in clearpass) and a default deny all tacacs requests for all the silly stuff. That way if we generate a report on successful /failed auths based upon service, the silly auth attempts don't skew the results for real valid users

A


Original Message:
Sent: 3/30/2021 9:17:00 AM
From: timms
Subject: RE: CPPM Servce selection using UserName

What is this use case? Complex service rules are not recommended in busy environments.

------------------------------
Tim C

Original Message:
Sent: Mar 30, 2021 06:50 AM
From: Alex Sharaz
Subject: CPPM Servce selection using UserName

I'm currently using a "belongs-to" lit of comma delimited UserNames as part of a service selection. This is o.k for small number of users but is  a bit  of a pain as the number of users increase. Can';t use a regex  and  the "belongs to group" option in't available.

1).Can someone remind me how to make a enhsncement request

2). Anyyone suggest  another way of using long list of  usernames  as pasrt of a service selection ?
Rgds
Alex

------------------------------
Alex Sharaz
------------------------------

Wouldn't it be better to find out where the silly authentications are coming from and eliminating them first. I'd consider that a key element to the report if users are trying random combinations. 

How did you end up with lots of different usernames? I use the service categorization rules for really specific eliminations. Like timms, apply a tag to different usernames or authentication of different databases/sources and use that to filter in the report.

------------------------------
Jeroen Celis
------------------------------

Original Message:
Sent: Mar 31, 2021 03:47 AM
From: Alex Sharaz
Subject: CPPM Servce selection using UserName

We have a TACACS service for our switch estate. Issue is whole range of silly authentication attempts to access our switches. Wanted to have a service for valid users ( local users defined in clearpass) and a default deny all tacacs requests for all the silly stuff. That way if we generate a report on successful /failed auths based upon service, the silly auth attempts don't skew the results for real valid users

A


Original Message:
Sent: 3/30/2021 9:17:00 AM
From: timms
Subject: RE: CPPM Servce selection using UserName

What is this use case? Complex service rules are not recommended in busy environments.

------------------------------
Tim C

Original Message:
Sent: Mar 30, 2021 06:50 AM
From: Alex Sharaz
Subject: CPPM Servce selection using UserName

I'm currently using a "belongs-to" lit of comma delimited UserNames as part of a service selection. This is o.k for small number of users but is  a bit  of a pain as the number of users increase. Can';t use a regex  and  the "belongs to group" option in't available.

1).Can someone remind me how to make a enhsncement request

2). Anyyone suggest  another way of using long list of  usernames  as pasrt of a service selection ?
Rgds
Alex

------------------------------
Alex Sharaz
------------------------------