TACACS+ SuperAdmin / ReadOnly Enforcement Policies for Palo Alto, Juniper, McAfee and Cisco

last person joined: 7 hours ago

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).

Back to discussions

Expand all | Collapse all

TACACS+ SuperAdmin / ReadOnly Enforcement Policies for Palo Alto, Juniper, McAfee and Cisco

This thread has been viewed 3 times

1. TACACS+ SuperAdmin / ReadOnly Enforcement Policies for Palo Alto, Juniper, McAfee and Cisco

0 Kudos
JeremyW
Posted Jun 22, 2016 09:04 AM

Reply Reply Privately
Hi fellow AirHeads,

Would like to find out how to create ClearPass TACACS+ Super Admin & Read-Only Enforcement Policies with the following Firewall vendors / model:
- Palo Alto
- Juniper SRX
- McAfee SW
- Cisco ASA

There is the TACACS+ Service Dictionaries but not too sure if the above Firewall is able to use the existing Service Dictionaries.

Do help share on your experience / guides. Thanks in advance.
2. RE: TACACS+ SuperAdmin / ReadOnly Enforcement Policies for Palo Alto, Juniper, McAfee and Cisco

0 Kudos
EMPLOYEE

cappalli
Posted Jun 22, 2016 09:10 AM

Reply Reply Privately
Each vendor is going to need difference enforcements.

Some want a role name, others want a priv level with command authorization. You're going to have to do some research for each vendor.

Security

TACACS+ SuperAdmin / ReadOnly Enforcement Policies for Palo Alto, Juniper, McAfee and Cisco

1. TACACS+ SuperAdmin / ReadOnly Enforcement Policies for Palo Alto, Juniper, McAfee and Cisco

2. RE: TACACS+ SuperAdmin / ReadOnly Enforcement Policies for Palo Alto, Juniper, McAfee and Cisco