Security

last person joined: an hour ago 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

CPPM and Insight

Jump to Best Answer
  • 1.  CPPM and Insight

    Posted Sep 04, 2013 09:02 AM

    Hi,

     

    I wanted to start working with the Insight component of the CPPM.

    The first thing I discovered was that it appears that there is no service defined for it by default.

     

    So I created a service that uses 'Application type name = Insight' for the service rule.

    Not sure if this is correct or not?

     

    I was wondering if there are any recommendations for the type of permissions to assign to the users who gain access to it?

    Should the service be setup in a similar fashion to the default 'Policy Manager Admin Network Login Service'?

    I am sort of assuming that Insight in available as part of the CPPM, does it require an additonal license of any type to use?

     

    The only documentation that I was able to find that sort of directly addressed Insight was this: Jump Start Guide

     

    Do you guys have any other recommended reading for Insight?

    Based on what I have seen it looks like you can do some pretty neat stuff with it. Most notably @tarnolds example here

     

    Thank you,

     

    Cheers



  • 2.  RE: CPPM and Insight

    Posted Sep 04, 2013 09:25 AM

    The service you created is correct.

     

    I haven't been able to create any granular controls for Insight and honestly haven't really needed to. The Insight application itself is a reporting tool so there's not much to lock down.



  • 3.  RE: CPPM and Insight

    Posted Sep 04, 2013 09:32 AM

    Thanks @cappalli

     

    I really wasn't sure as I have yet to really work with it.

     

    Thank you though for your feedback.

     

    I suppose I would be safe then setting the service up in the same fashion that I setup the Service which allows our admins to sign into the CPPM with their domain credentials.

     

    Cheers



  • 4.  RE: CPPM and Insight

    Posted Sep 04, 2013 09:36 AM

    We used the same roll mapping policy from our TACACS service and returned [Operator Login - Admin Users] in the enforcement policy.



  • 5.  RE: CPPM and Insight
    Best Answer

    Posted Sep 04, 2013 09:41 AM

    Awesome!

    I will take a look at that Enforcement Policy.

     

    We have used that one as well in our environment (Just implemented our own naming convention).

     

    I will play with it and see how it works.

     

    Thank you for the suggestion once again!



  • 6.  RE: CPPM and Insight

    Posted Sep 09, 2013 09:11 AM

    Hi,

     

    I was just wondering if there is any configuration setup that needs to be done prior to using Insight?

    I finally got around to setting up the service for Insight and when I logged in there is no data available.

     

    In the InsightJumpstartGuide1.4.pdf they talk about the need to configure Insight with the server information. That does not appear to exist anymore, at least that from within the Insight as far as I can tell.

     

    Thank you,

     

    Cheers



  • 7.  RE: CPPM and Insight

    Posted Sep 09, 2013 09:18 AM

    Do you have Insight enabled for each of your servers under Administration > Server Manager > Server Configuration > System?

     

    cp_insight-enabled.PNG



  • 8.  RE: CPPM and Insight

    Posted Sep 09, 2013 09:27 AM

    *facepalm*

     

    Wow. No I did not have that set. Doh!

     

    I now have it enabled!

     

    It looks like Insight is slowly starting to populate with data.

    I will keep an eye on it and hopefully more data starts to trickle in.

     

    Thank you once again @cappalli!



  • 9.  RE: CPPM and Insight

    Posted Sep 09, 2013 09:33 AM
    I believe by default the sever only stores 7 days of data (that can be changed in the cluster wide settings)so if insight wasn't enabled you will loose any data before that time. It takes up to 3 min for data to show up in insight depending on how much there is.


  • 10.  RE: CPPM and Insight

    Posted Sep 09, 2013 09:37 AM

    @tarnold

     

    That makes sense.

    I thought it might be something along those lines.

     

    I have only just enabled it today so I guess as the days go on the data should start flesh out a little more.



  • 11.  RE: CPPM and Insight

    Posted Jun 30, 2014 05:48 PM

    @cappalli

     

    Thanks for the post I was having the same issues replicating a customer issue and I didn't even see that small checkbox listed. We were having issues getting data from the insightDB and it almost seemed that info was not being passed from the Endpoints Repisotory to Insight Repisotory.

     

    I did see some of your other posts in regards to selecting the Insight for Authorization, although that only helps if the Insight is enabled. 

     

    Thanks again!