Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Only Allow Machine and User Authentication Clearpass

This thread has been viewed 0 times

  • 1.  Only Allow Machine and User Authentication Clearpass

    Posted Oct 06, 2015 12:50 PM

    I created a policy in ClearPass that I thought would only allow a machine and user that is authenticted against our AD to gain access.

    The rule Matches All the following conditiions

    TIPS Role equals [machine Authenticated]

    TIPS Role equals [User Authenticatd] than assign the role employee

     

    The problem is as long as a user is authenticated by our AD they can get on with any device

     

    Ie. A IPad that is not in our AD but a valid user in our AD can sign in with the IPAD. What am I not understanding?



  • 2.  RE: Only Allow Machine and User Authentication Clearpass

    EMPLOYEE
    Posted Oct 06, 2015 01:10 PM
    You default profile in your enforcement policy should be "deny all"


  • 3.  RE: Only Allow Machine and User Authentication Clearpass

    Posted Oct 06, 2015 01:32 PM

    Thanks for the quick response. Much appreciated.



  • 4.  RE: Only Allow Machine and User Authentication Clearpass

    Posted Oct 07, 2015 02:17 AM
      |   view attached

    you can configure with your own SSID