Security

 View Only
last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Using Clearpass to disable unused ports

This thread has been viewed 1 times

  • 1.  Using Clearpass to disable unused ports

    Posted Nov 16, 2017 05:45 AM

    Is there a way to use Clearpass to block unused ports in wired switches? I could find how, not in documentation neither by playing around in Policy Manager. 

    I guess the more generic question can be: is there a way to do event driven enforcement, when the event is not OnConnect or WebAuth. There is a new Event driven capability in 6.6 but it is only for ingress evnets from a Firewall 



  • 2.  RE: Using Clearpass to disable unused ports

    EMPLOYEE
    Posted Nov 16, 2017 09:01 AM
    Not really understanding your question. When fully configured, every device connected to a port would go through an authentication process.


  • 3.  RE: Using Clearpass to disable unused ports

    Posted Nov 16, 2017 09:04 AM

    It is a requirement from the customers. If a port was not used for over x amount of days, it should be disabled (shut down). I agree that if the port is protected with .1x or MAC auth. there is not much need to disable it, but this requirement from the customer still exists. 



  • 4.  RE: Using Clearpass to disable unused ports

    EMPLOYEE
    Posted Nov 16, 2017 09:07 AM
    No, this is a function of an NMS.