Security

last person joined: an hour ago 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

ClearPass Operator Profile Session Filter

Jump to Best Answer
  • 1.  ClearPass Operator Profile Session Filter

    Posted May 26, 2020 04:43 PM

    Hi,

     

    I created a custom operator profile in ClearPass that grants access to ClearPass Onboard. The only permission applied is Delete Certificate.

     

    I am able to successfully login using a test account. I noticed that all certificates in ClearPass are visible. I would like to only display certificates of type tls-client.

     

    I was looking at the "Session Filter" option within the Operator Profile. I tried to do the following:

    certificate_type=tls-client

    th_son_0-1590525362073.png

    In the help section for this option it says "..or any other fields that are configured for search...". You can definitely search by certificate type.

     

    Just curious if this is a valid use case for Session Filter? Or is there some other way to limit an operator's view to tls-client certificates only?

     

    Cheers,

     

    Todd

     



  • 2.  RE: ClearPass Operator Profile Session Filter
    Best Answer

    Posted May 26, 2020 08:42 PM

    This is not possible natively. You'd need to use the REST API with a custom web app.



  • 3.  RE: ClearPass Operator Profile Session Filter

    Posted May 27, 2020 07:09 AM

    @timms, thank you for the info.

    Would be a nice feature to have but I guess it is something that doesn't come up often.