last person joined: an hour ago 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

ClearPass Operator Profile Session Filter

Jump to Best Answer
  • 1.  ClearPass Operator Profile Session Filter

    Posted May 26, 2020 04:43 PM



    I created a custom operator profile in ClearPass that grants access to ClearPass Onboard. The only permission applied is Delete Certificate.


    I am able to successfully login using a test account. I noticed that all certificates in ClearPass are visible. I would like to only display certificates of type tls-client.


    I was looking at the "Session Filter" option within the Operator Profile. I tried to do the following:



    In the help section for this option it says "..or any other fields that are configured for search...". You can definitely search by certificate type.


    Just curious if this is a valid use case for Session Filter? Or is there some other way to limit an operator's view to tls-client certificates only?






  • 2.  RE: ClearPass Operator Profile Session Filter
    Best Answer

    Posted May 26, 2020 08:42 PM

    This is not possible natively. You'd need to use the REST API with a custom web app.

  • 3.  RE: ClearPass Operator Profile Session Filter

    Posted May 27, 2020 07:09 AM

    @timms, thank you for the info.

    Would be a nice feature to have but I guess it is something that doesn't come up often.