攻城狮论坛

IE-LAB

作者: Genesis
查看: 183|回复: 183

主题标签Tag

more +今日重磅推荐Recommend No.1

[2017.10.10] 所有厂商 最新题库[2017.10.10] 所有厂商 最新题库

more +随机图赏Gallery

HCNP无线视频HCNP-WLAN-POEW规划优化企业无线局域网络H12-322HCNP无线视频HCNP-WLAN-POEW规划优化企业无线局域网络H12-322
华为HCNP无线视频HCNP-WLAN-CEWA构建企业无线局域网络架构H12-321华为HCNP无线视频HCNP-WLAN-CEWA构建企业无线局域网络架构H12-321
心得分享-脱产复习1周,905分已考过-心得分享-脱产复习1周,905分已考过-
历年真题~~计算机认证等级考试 三级网络技术视频学习+资料下载 综合题专项讲解,宝典历年真题~~计算机认证等级考试 三级网络技术视频学习+资料下载 综合题专项讲解,宝典
细致无比~全国等级考试二级C语言考试视频教程226集 女老师全国认证等级考试编程认证细致无比~全国等级考试二级C语言考试视频教程226集 女老师全国认证等级考试编程认证
1080p高清~2017年最新 雅图计算机二级视频课程 Excel函数视频5集 作业复习 邮件合并1080p高清~2017年最新 雅图计算机二级视频课程 Excel函数视频5集 作业复习 邮件合并
韩顺平j2ee视频教程.细说servlet视频教程 详细讲解 从新手变高手就差这个视频了韩顺平j2ee视频教程.细说servlet视频教程 详细讲解 从新手变高手就差这个视频了
2017年最新 韩老师教你学IT CCNA视频 综合案例设计+模拟器PacketTracer和GNS32017年最新 韩老师教你学IT CCNA视频 综合案例设计+模拟器PacketTracer和GNS3
想学真东西的戳我~泰克小美女 HCNP存储视频17集 认真讲解 夯实基础 最新华为视频想学真东西的戳我~泰克小美女 HCNP存储视频17集 认真讲解 夯实基础 最新华为视频
2017最新 乾颐堂军哥白老师HCNA完整入门学习 华为网络技术视频教程 HCNA视频+学习笔记2017最新 乾颐堂军哥白老师HCNA完整入门学习 华为网络技术视频教程 HCNA视频+学习笔记
论坛首发。QYT 2017年最新明教教主的无线MSE教程 完美解密高清非翻录版论坛首发。QYT 2017年最新明教教主的无线MSE教程 完美解密高清非翻录版
和秋叶一起学PPT、阿文新课:我懂个P、和阿文学信息图表、EXCEL表格之道专业版、阿...和秋叶一起学PPT、阿文新课:我懂个P、和阿文学信息图表、EXCEL表格之道专业版、阿...

Aruba ClearPass文档 Palo Alto Networks Advanced Deployment Use-Cases

  [复制链接]
查看: 183|回复: 183
开通VIP 免金币+免回帖+批量下载+无广告
Aruba ClearPass & Palo Alto Networks Advanced Deployment Use-Cases

Aruba ClearPass文档 Palo Alto Networks Advanced Deployment Use-Cases

Aruba ClearPass文档 Palo Alto Networks Advanced Deployment Use-Cases - 攻城狮论坛 - Aruba ClearPass文档 Palo Alto Networks Advanced Deployment Use-Cases

Table
of
Contents
Overview
......................................................................................................................................................................
4
Deploying
CPPM
and
PANW
Overview
......................................................................................................
4
CPPM
Config

A
very
short
recap
...........................................................................................................
5
Brief
review
of
CPPM
/
PANW
exchanged
attributes
.....................................................................
6
Advanced
Deployment
Scenario’s
.....................................................................................................................
8
PANW
Configuration
to
use
AD
Groups
to
enforce
policy
.................................................................
8
Configure
PANW
to
ingest
AD
Groups
information
.........................................................................
8
Configuring
PANW
Rules
to
limit
Access
for
AD
Groups
............................................................
10
PANW
Configuration
to
use
HIP
Objects
to
enforce
policy
............................................................
13
Useful
DEBUG/Info
Commands
for
AD
Group
configuration
on
PANW
..............................
16
CPPM
Configuration
to
support
Guest
MAC
Caching
auth
..............................................................
18
Overview
of
this
feature
...........................................................................................................................
18
Technical
Description
of
the
problem
and
the
resolution
.........................................................
18
Table
of
Figures
Figure
1
-‐
Summary
of
CPPM
configuration
steps
.....................................................................................
5
Figure
2
-‐
HIP
Objects
Options
............................................................................................................................
6
Figure
3
-‐
HIP
OS
Options
.....................................................................................................................................
7
Figure
4
-‐
Adding
an
LDAP
definition
for
AD
...............................................................................................
8
Figure
5
-‐
Defining
PANW
UserID
Group
Mapping
server
.....................................................................
9
Figure
6
-‐
Adding
AD
Group's
to
an
Include
Group
list
.........................................................................
10
Figure
7
-‐
Firewall
rule
'PLM-‐Block-‐Social'
................................................................................................
11
Figure
8
-‐
Firewall
rule
'PLM-‐Block-‐Social'
detailed
info
....................................................................
11
ClearPass
6.3.x
Tech
Note:
CPPM
with
PANW
deployment
scenarios
-‐
TechNote
Aruba
Networks
3
Figure
9
-‐
User
successfully
authenticating
against
AD
........................................................................
11
Figure
10
-‐
Details
of
user
carlos
in
AD
group
plm
.................................................................................
12
Figure
11
-‐
PANW
firewall
logs
shown
allow
and
block
for
traffic
..................................................
12
Figure
12
-‐
Unauthorized
access
attempt
shown
to
the
user
from
the
PANW
...........................
12
Figure
13
-‐
Create
a
HIP
Object
to
match
a
device
running
Windows
XP
.....................................
13
Figure
14
-‐
Adding
multiple
HIP
Objects
to
a
HIP
Report
....................................................................
14
Figure
15
-‐
PANW
firewall
policy
denying
XP
endpoints
based
upon
HIP
Report
...................
14
Figure
16
-‐
Details
behind
the
deny
rule
.....................................................................................................
14
Figure
17
-‐
Traffic
being
denied
based
upon
HIP
Object
data
...........................................................
15
Figure
18
-‐
Example
HIP
Object
sent
to
Palo
Alto
Networks
..............................................................
15
Figure
19
-‐
CLI
command
to
refresh
AD
group
data
..............................................................................
16
Figure
20

CLI
command
to
show
AD
groups
ingested
from
AD
....................................................
16
Figure
21
-‐
CLI
command
to
show
AD
groups
on
firewall
(short
output)
....................................
16
Figure
22
-‐
CLI
command
showing
actual
users
in
AD
groups
(TME)
...........................................
17
Figure
23
-‐
CLI
command
showing
actual
users
in
AD
groups
(PLM)
............................................
17
Figure
24

RADIUS
Enforcement
Profile
with
%{Endpoint:Username}
......................................
19
Figure
25
-‐
CPPM
enforcement
profile
for
PANW
endpoint
prior
to
CPPM
6.3.1
.....................
19
Figure
26
-‐
Pre
6.3.1
Session-‐Check
attributes
.........................................................................................
20
Figure
27
-‐
Post
6.3.1
Session-‐Check
attributes
.......................................................................................
20
Figure
28
-‐
PANW
enforcement
profile
PLUS
MAC
Cache
required
post
CPPM
6.3.1
.............
21



购买主题 已有 6 人购买  本主题需向作者支付 11 金币 才能浏览
CCNA考试 官方正规报名 仅需1500元
回复 论坛版权

使用道具 举报

Genesis [Lv6 略有所成] 发表于 2016-12-30 22:43:49 | 显示全部楼层
11111111111111111111
回复 支持 反对

使用道具 举报

Genesis [Lv6 略有所成] 发表于 2016-12-30 22:43:50 | 显示全部楼层
1111111111111111
回复 支持 反对

使用道具 举报

Genesis [Lv6 略有所成] 发表于 2016-12-30 22:43:51 | 显示全部楼层

2222222222

22222222222
回复 支持 反对

使用道具 举报

Genesis [Lv6 略有所成] 发表于 2016-12-30 22:44:42 | 显示全部楼层
33333333333

评分

参与人数 1金币 -10 收起 理由
宅男女神 -10 勿灌水!禁止纯拼音/纯表情/无意义字符!

查看全部评分

回复 支持 反对

使用道具 举报

聱菅绢隽戒 [Lv5 不断成长] 发表于 2016-12-30 23:41:43 | 显示全部楼层
学习了,谢谢分享、、、
回复 支持 反对

使用道具 举报

海皇CHICBOY [Lv8 技术精悍] 发表于 2016-12-30 23:46:15 | 显示全部楼层
现在账号真不容易得到啊,所以看到楼主发帖一定要支持下~
回复 支持 反对

使用道具 举报

wonglaye [Lv5 不断成长] 发表于 2016-12-30 23:51:48 | 显示全部楼层
过来看看的,感谢攻城狮论坛
回复 支持 反对

使用道具 举报

monkeyman [Lv9 无所不能] 发表于 2016-12-31 00:22:57 | 显示全部楼层
攻城狮论坛的资料就是全,在这里找不到的资料在其他网站也很难找到!
回复 支持 反对

使用道具 举报

monkeyman [Lv9 无所不能] 发表于 2016-12-31 00:23:18 | 显示全部楼层
攻城狮论坛的资料就是全,在这里找不到的资料在其他网站也很难找到!
回复 支持 反对

使用道具 举报

您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

官方QQ群

QQ|无图浏览|手机版|网站地图|攻城狮论坛 ( 京ICP备12049419号 )|网站地图

GMT+8, 2017-10-22 14:22 , Processed in 0.468412 second(s), 31 queries , Gzip On, Memcache On.

Powered by Discuz! X3.2 © 2001-2013 Comsenz Inc.

Designed by ARTERY.cn