Security

last person joined: 13 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

ClearPass Operator Profile Session Filter

This thread has been viewed 1 times

  • 1.  ClearPass Operator Profile Session Filter

    Posted May 26, 2020 04:43 PM

    Hi,

     

    I created a custom operator profile in ClearPass that grants access to ClearPass Onboard. The only permission applied is Delete Certificate.

     

    I am able to successfully login using a test account. I noticed that all certificates in ClearPass are visible. I would like to only display certificates of type tls-client.

     

    I was looking at the "Session Filter" option within the Operator Profile. I tried to do the following:

    certificate_type=tls-client

    th_son_0-1590525362073.png

    In the help section for this option it says "..or any other fields that are configured for search...". You can definitely search by certificate type.

     

    Just curious if this is a valid use case for Session Filter? Or is there some other way to limit an operator's view to tls-client certificates only?

     

    Cheers,

     

    Todd

     



  • 2.  RE: ClearPass Operator Profile Session Filter
    Best Answer

    MVP EXPERT
    Posted May 26, 2020 08:42 PM

    This is not possible natively. You'd need to use the REST API with a custom web app.



  • 3.  RE: ClearPass Operator Profile Session Filter

    Posted May 27, 2020 07:09 AM

    @timms, thank you for the info.

    Would be a nice feature to have but I guess it is something that doesn't come up often.