Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Help with postgres query on Last Check In

This thread has been viewed 6 times

  • 1.  Help with postgres query on Last Check In

    Posted Dec 08, 2014 12:31 PM

    We enabled airwatch to dump data to our clearpass server but wanted to block access to devices that haven't checked in to the airwatch server within 5 days.   We are using the Endpoint:Last Check In variable

     

     

    We have the timesource setup as:

     

    SELECT (EXTRACT (EPOCH FROM NOW() - interval '5 days'))::int AS Minus5Days;

     

    and the service set to:

     

    (Endpoint:Last Check In  GREATER_THAN  %{Authorization:[Time Source]:Minus5Days}) with a role that sets it to fail 

     

    I think we might have messed up the extract command but we can't figure it out.

     

    anyone have any ideas?

     

     



  • 2.  RE: Help with postgres query on Last Check In

    Posted Mar 08, 2017 10:12 AM

    I'm trying to test this too, for example reject dot1x Access to devices/endpoints that have not checking in the past 3 months, 

     

    I added a filter in Authentication Sources - [Time Source] and tried to add a role mapping rule base on the filter on the Endpoint last checking. 

     

    Any comments how to achive this ?