0511287-01 | Mar 2013
1
Dell Networking W-ClearPass Policy Model 6.0
An Introduction
From the point of view of a network device or other entities that need authentication services, Policy Manager
appears as a RADIUS, or Web Authentication server; however, its rich and extensible policy model
allows it to broker security functions across a range of existing network infrastructure, identity stores, health/posture
services and client technologies within the Enterprise.
Services Paradigm
Services
are the highest level element in the Policy Manager policy model. They have two purposes:
l
Unique
Categorization Rules
(per Service) enable Policy Manager to test Access Requests ("Requests") against
available Services to provide robust differentiation of requests by access method, location, or other network
vendor-specific attributes.
NOTE: Policy Manager ships configured with a number of basic Service types. You can flesh out these Service types, copy them for
use as templates, import other Service types from another implementation (from which you have previously exported them), or
develop new Services from scratch.
l
By wrapping a specific set of
Policy Components
, a Service can coordinate the flow of a request, from
authentication, to role and health evaluation, to determination of enforcement parameters for network access.
Figure 1
:
Dell Networking W-ClearPass Policy Manager Flow of Control
and
Table 1
:
Policy Manager Service
Components
illustrate and describe the basic Policy Manager flow of control and its underlying architecture.