Security

last person joined: an hour ago 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

How do I know if a ClearPass profile, policy, role ... was associated with service?

  • 1.  How do I know if a ClearPass profile, policy, role ... was associated with service?

    Posted May 13, 2015 02:02 PM

    Does ClearPass have a way to show if a profile, policy, identity, role… has been configured and used in a service or it is an orphan that can be deleted?

    I know you could only delete a profile or policy… that has not been associated to a service, but it is still nice to know.

    Thanks,



  • 2.  RE: How do I know if a ClearPass profile, policy, role ... was associated with service?

    Posted May 13, 2015 03:31 PM

    if you go into access tracker it will show you what roles and services were used. (screen shot 1). Also you can click the show configuration button is later 6.4 and 6.5 versions of clearpass and it will show you the full service in a new tab.

     

    There are a couple feature requests in to allow remove and reporting on stale services, but is not available today 

     

    Screen Shot 2015-05-13 at 1.42.40 PM.png

     

    Screen Shot 2015-05-13 at 1.42.53 PM.png



  • 3.  RE: How do I know if a ClearPass profile, policy, role ... was associated with service?

    Posted May 13, 2015 05:49 PM

    “Show Configuration” is nice to have. I’ll use it more. Actually what I am looking for is kind of reverse look up.

    Anyone has used the AOS command “show reference x y z,” you know how useful the command is. I would like to make a request/wish list for the same command in CPPM.

    For instance, in this “Deny Access Role” if you can put a button “show reference” next to Export and Delete to list all services that this role is associated with.

    1.png

    Regards,

     



  • 4.  RE: How do I know if a ClearPass profile, policy, role ... was associated with service?

    Posted Jul 27, 2015 02:35 PM

    Sounds like a great feature request!