Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

How to use "Added At" in a policy rule?

This thread has been viewed 0 times

  • 1.  How to use "Added At" in a policy rule?

    Posted Feb 13, 2019 06:02 AM

    Hi there,

     

    I'm trying to use the "Added At" value on my policy.

    What I want to do is to allow full access for devices that were added during the last 3 days, and then enforce some rules for older devices. Basically, I want to implement a grace period. But I can't find the "Added at" value.

    Any help?


    Thanks



  • 2.  RE: How to use "Added At" in a policy rule?

    EMPLOYEE
    Posted Feb 13, 2019 09:27 AM

    Could you elaborate a bit more on what you are trying to achieve and the workflow please?

    If this is a guest setup you could set the mac auth expiry to be 3 days.



  • 3.  RE: How to use "Added At" in a policy rule?

    Posted Feb 13, 2019 09:35 AM

    This is not for guests.

     

    I have some new mac computers that must enroll with DEP.

    The enrollment will add AV, Inventory, MDM etc.

    My network can only be accesses when the users have the tools.

     

    So, I need to give computers a grace period for them to enroll with DEP and get all the MDM profiles and applications.

     

    Basically, allow access when "Added at" is less than 1 day ago.

     

    Thanks.



  • 4.  RE: How to use "Added At" in a policy rule?

    EMPLOYEE
    Posted Feb 13, 2019 12:23 PM

    What type of MDM is it?  You could query the MDM which will pull in the endpoints.  You could then query whether or not the device has those particular MDM attributes.



  • 5.  RE: How to use "Added At" in a policy rule?

    EMPLOYEE
    Posted Feb 13, 2019 12:14 PM
    This is not available in policy.