Dell Powerconnect W-ClearPass Virtual Appliances Reference Guide

Dell Networking W-ClearPass Policy Model 6.0

An Introduction

From the point of view of a network device or other entities that need authentication services, Policy Manager appears as a RADIUS, TACACS+ or Web Authentication server; however, its rich and extensible policy model allows it to broker security functions across a range of existing network infrastructure, identity stores, health/posture services and client technologies within the Enterprise.

Services Paradigm

Services are the highest level element in the Policy Manager policy model. They have two purposes:

• Unique Categorization Rules (per Service) enable Policy Manager to test Access Requests ("Requests") against available Services to provide robust differentiation of requests by access method, location, or other network vendor-specific attributes.

NOTE: Policy Manager ships configured with a number of basic Service types. You can flesh out these Service types, copy them for use as templates, import other Service types from another implementation (from which you have previously exported them), or develop new Services from scratch.

• By wrapping a specific set of Policy Components, a Service can coordinate the flow of a request, from authentication, to role and health evaluation, to determination of enforcement parameters for network access.

Figure 1: Dell Networking W-ClearPass Policy Manager Flow of Control and Table 1: Policy Manager Service Components illustrate and describe the basic Policy Manager flow of control and its underlying architecture.
0511287-01 | Mar 2013 1
Figure 1: Dell Networking W-ClearPass Policy Manager Flow of Control
Table 1: Policy Manager Service Components

Component | Service: component ratio | Description
A - Authentication Method | Zero or more per service | EAP or non-EAP method for client authentication.

Description (continued): Policy Manager supports four broad classes of authentication methods:

• EAP, tunneled: PEAP, EAP-FAST, or EAP-TTLS.
• EAP, non-tunneled: EAP-TLS or EAP-MD5.
• Non-EAP, non-tunneled: CHAP, MS-CHAP, PAP, or MAC-AUTH.
• MAC_AUTH must be used exclusively in a MAC-based Authentication Service. When the MAC_AUTH method is selected, Policy Manager: (1) makes internal checks to verify that the request is indeed a MAC Authentication request (and not a spoofed request) and (2) makes sure that the MAC address of the device is present in the authentication source.
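
The two MAC_AUTH checks described above can be approximated as follows. This is an added example, not code from the guide and not Policy Manager's internal logic. It assumes the common NAS convention that a MAC authentication request carries the device MAC as both User-Name and Calling-Station-Id and has no EAP-Message; `normalize_mac`, `check_mac_auth` and the device set are hypothetical names and constructed data.

```python
import re

# Constructed sample authentication source: known device MACs, normalized.
KNOWN_DEVICES = {"001a2b3c4d5e", "a0b1c2d3e4f5"}


def normalize_mac(value):
    """Return 12 lowercase hex digits, or None if value is not a MAC address.

    Accepts colon, hyphen, dotted (0011.2233.4455) and bare notations.
    """
    digits = re.sub(r"[:.\-]", "", value.strip()).lower()
    return digits if re.fullmatch(r"[0-9a-f]{12}", digits) else None


def check_mac_auth(request, known_devices=KNOWN_DEVICES):
    """Evaluate a RADIUS Access-Request (dict of attributes) for a MAC-auth service.

    Assumed heuristic: a genuine MAC authentication request has no EAP-Message,
    and its User-Name is the same MAC the NAS reports in Calling-Station-Id.
    Returns (accepted, reason).
    """
    # Check 1a: an EAP payload means 802.1X, so the request is in the wrong service.
    if "EAP-Message" in request:
        return (False, "not MAC auth: request carries EAP")

    # Check 1b: both identity attributes must parse as MAC addresses.
    user_mac = normalize_mac(request.get("User-Name", ""))
    station_mac = normalize_mac(request.get("Calling-Station-Id", ""))
    if user_mac is None or station_mac is None:
        return (False, "not MAC auth: User-Name or Calling-Station-Id is not a MAC")

    # Check 1c: a mismatch suggests a user login dressed up as MAC auth.
    if user_mac != station_mac:
        return (False, "possible spoof: User-Name differs from Calling-Station-Id")

    # Check 2: the device must exist in the authentication source.
    if user_mac not in known_devices:
        return (False, "unknown device: MAC not in authentication source")

    return (True, "MAC auth accepted for " + user_mac)


if __name__ == "__main__":
    # Constructed sample request, mixed notations for the same address.
    print(check_mac_auth({"User-Name": "001a.2b3c.4d5e",
                          "Calling-Station-Id": "00-1A-2B-3C-4D-5E"}))
```

Both attributes are supplied by the NAS, so a check like this catches mislabelled or malformed requests; it does not distinguish a device that presents a cloned, known MAC address.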