Security

 View Only
last person joined: 2 days ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

CPPM Posturing related questions

This thread has been viewed 11 times

  • 1.  CPPM Posturing related questions

    Posted 13 days ago

    Hello guys,

    we are deploying CPPM Posture, and we have some questions, we would like to know the best answers for it, we want to achieve the following via Posturing:

    If (AD User + Domain Joined Machine + Latest OS + Updated Microsoft Defender)

    then assign healthy VLAN.

    if one is not valid,

    then assign Quarantine VLAN.


    DHCP for VLAN (NAC-Quarantine):
    Is DHCP provision necessary for NAC-Quarantine VLAN?
     
    Internet Access for NAC-Quarantine VLAN:
    Should internet access be provided to NAC-Quarantine VLAN?
     
    Mitigation Plan for Non-Compliance:
    What is our mitigation plan for rectifying non-compliant endpoints?
     
    Helpdesk Procedure:
    Could we establish a working procedure for the Helpdesk team to handle non-compliant endpoints?



    ------------------------------
    Eyad Subeh
    ------------------------------


  • 2.  RE: CPPM Posturing related questions

    Posted 12 days ago

    Use OnGuard persistent agent.

    Sequence of authentication:

    1. Machine Auth (RADIUS)
    2. User Auth (RADIUS)
    3. Posture Check (WEBAUTH)
    4. CPPM Send CoA (RADIUS-reverse direction)
    5. User Auth (RADIUS)

    Original Message