Aruba ClearPass
  • 29 Nov 2022
  • 2 Minutes to read
  • Dark
    Light
  • PDF

Aruba ClearPass

  • Dark
    Light
  • PDF

Aruba ClearPass is a network access control (NAC) solution that allows enterprises to identify devices, enforce policies, and remediate threats.

Types of Assets Fetched

This adapter fetches the following types of assets:

  • Devices

Parameters

  1. Aruba ClearPass Domain (required) - Use your Aruba ClearPass domain.

  2. Client ID and Client Secret (required) - The client ID and client secret you created to use the Aruba ClearPass API. For more details, see the Create an Aruba ClearPass RestAPI Client section below.

  3. Verify SSL - Select whether to verify the SSL certificate offered by the value supplied in Aruba ClearPass Domain. For more details, see SSL Trust & CA Settings.

  4. HTTPS Proxy (optional) - A proxy to use when connecting to the value supplied in Aruba ClearPass Domain.

  5. To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

ArubaClerPass.png

Advanced Settings

Note:

From version 4.6, Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters.

  1. Get extended agent information (required, default: true) - Select whether to fetch extended agent information from the ClearPass agent.

  2. Do not fetch endpoint devices without 'Last Seen' -

    • If selected, endpoint devices without 'Last Seen' are ignored during the fetch.
    • If cleared, endpoint devices without 'Last Seen' are also fetched by Axonius.
  3. Fetch network devices (required, default: true) -

    • If selected, all connections for this adapter will fetch Network type devices, regardless of the Do not fetch endpoint devices without 'Last Seen' setting.
    • If cleared, all connections for this adapter won’t fetch network devices.
  4. Results per page (required, default: 100) - Set the number of results per page received for a given request to gain better control on the performance of connections for this adapter.

Note:

For details on general advanced settings under the Adapter Configuration tab, see Adapter Advanced Settings.

Create an Aruba ClearPass RestAPI Client

You must create a client to use the Aruba ClearPass API. Consider this client as the App definition on Aruba ClearPass. Without this client, access to the API isn't possible.

To create the client

  1. Open Aruba ClearPass Guest and go to Administration –> API Services –> API Clients and click Create API Client.
  2. Provide the following information:
    • Client ID - Creates the connection between the user and the API.
    • Operator Profile - Includes the API Services access rights. Axonius required read-only permissions.
    • Grant Type - Set the OAuth2 authentication method as 'Client Credentials'.
    • Public Client - Make sure this option is cleared.
Note:

Read Only Administrator Operator Profile doesn't give API permissions by default.

  1. Save changes and copy the Client ID and the Client Secret.
  2. Add the IP address of the Axonius instance to the ClearPass API Access List.

Create a ClearPass Profile

To create a Profile in ClearPass

  1. From Operator Logins > Profile, select Edit to edit the profile that the user created.

ClearPAssConfig1.png

  1. From Policy Manager, select Custom.

  2. Allow Read access to the following:

    • Identity - Endpoints
    • Network - Devices
    • Insight - Endpoints



Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.