Security

last person joined: 17 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Integration of Amigopod and Microsoft TMG

This thread has been viewed 0 times

  • 1.  Integration of Amigopod and Microsoft TMG

    Posted Jun 26, 2012 11:30 PM

    I am facing the following scenario with my Customer.

    They are very security conscious and would like to tightly control their guests wireless users.

     

    That is why they installed Microsoft TMG and passing their guest traffic through this firewall\proxy\logging server. In order to implement not only threat management, but also accounting they would like to log all users actions on TMG server. Could user accounts be retrieved from Amigopod server by Microsoft TMG server via RADIUS protocol, for example?

     

    By the way, can any guest users browsing history logging be implemented at Amigopog server itself?



  • 2.  RE: Integration of Amigopod and Microsoft TMG

    Posted Jun 27, 2012 01:00 AM

    Amigopod supports XMLRPC and SOAP based API's that can be used to integrate with 3rd party systems. These API's could potentially be used to retrieve the guest user details from the proxy server.

     

    Amigopod is not an inline device so its reporting capabilities are limited to the data received from RADIUS accounting data (time, bytes etc) and is not able to reporting on browsing destinations. Amigopod has got an integration with Palo Alto firewalls for the publishing of user identity information into their audit logs for full visibility to application usage and browsing history.



  • 3.  RE: Integration of Amigopod and Microsoft TMG

    Posted Jun 27, 2012 02:39 AM

    Great thanks for your reply!

    Could I get any details on integration with Microsoft firewall? Are there any design guides or configuration examples?



  • 4.  RE: Integration of Amigopod and Microsoft TMG

    Posted Jun 27, 2012 02:47 AM

    I dont believe we have any existing documents on this specific integration with the MS Firewall. We are aware of customers that have used the Microsoft Biztalk development environment in conjunction with our SOAP API to integrate with 3rd party systems.

     

    Details on our SOAP API are available for download from here:

     

    http://support.arubanetworks.com/DOCUMENTATION/tabid/77/DMXModule/512/Command/Core_Download/Default.aspx?EntryId=5293

     

    Details on our XMLRPC API are available for download from here:

     

    http://support.arubanetworks.com/DOCUMENTATION/tabid/77/DMXModule/512/Command/Core_Download/Default.aspx?EntryId=5256



  • 5.  RE: Integration of Amigopod and Microsoft TMG

    Posted Jul 10, 2012 07:45 AM

    Hey there,

    i know this was two weeks ago... but .. i've just installed the ClearPass VM on our test beds and i've noticed that the XML/SOAP stuff doesnt show up in the config menus any more.

     

    Is this a feature that has been removed? if not, how do i access it?

    I have a POC that needs soem fancy information RE who the user is and this is going to be a problem.

     

    Thanks in Advance :)

     



  • 6.  RE: Integration of Amigopod and Microsoft TMG

    Posted Jul 10, 2012 11:39 AM

    The XML API is available on the following URL: https://<FQDN or IP Address of ClearPass Guest>/xmlrpc.php

     

    The API requires HTTP authentication. The tech note posted above describes the steps for creating an Operator account that has the appropriate XML privileges that can be used as part of the API requests.

     

    Hope this helps


    Cam.