攻城狮论坛

IE-LAB

作者: Genesis
查看: 792|回复: 168

主题标签Tag

more +今日重磅推荐Recommend No.1

15日 北京 ITS网络技术峰会 抽奖+CTO面对面15日 北京 ITS网络技术峰会 抽奖+CTO面对面

more +随机图赏Gallery

1200个视频 斯坦福大学 顶级机器学习课程视频教程 人工智能最新科技成果分享1200个视频 斯坦福大学 顶级机器学习课程视频教程 人工智能最新科技成果分享
EVE-NG最好用的模拟器,摒弃GNS3,仿真环境时代来临!提供下载链接!EVE-NG最好用的模拟器,摒弃GNS3,仿真环境时代来临!提供下载链接!
三旗无线CCIE,看着很强的cisco wlan培训,少有的资料三旗无线CCIE,看着很强的cisco wlan培训,少有的资料
原创学习笔记~论坛会员~崔耀耀~个人学习笔记分享【感恩/分享】原创学习笔记~论坛会员~崔耀耀~个人学习笔记分享【感恩/分享】
论坛首发-乾颐堂乾颐盾现任明教教主之深信服应用交付论坛首发-乾颐堂乾颐盾现任明教教主之深信服应用交付
新课2017最新视频 乾颐堂融合网络CCNA 2017现任明教教主CCIE基础班 最新视频教程新课2017最新视频 乾颐堂融合网络CCNA 2017现任明教教主CCIE基础班 最新视频教程
论坛首发-最新2017亁颐堂现任明教教主CCNA安全视频学习教程下载 各种vpn技术讲解论坛首发-最新2017亁颐堂现任明教教主CCNA安全视频学习教程下载 各种vpn技术讲解
思科网络技术网管视频教程 独特视角27集 完整光盘版思科网络技术网管视频教程 独特视角27集 完整光盘版
Tech-lab 华为HCNA-Cloud云计算培训 17集 自学认证考试视频分享 详解FusionManagerTech-lab 华为HCNA-Cloud云计算培训 17集 自学认证考试视频分享 详解FusionManager
乾颐堂秦柯教主讲解的VPN实验 思科安全经典视频教程 思科VPN学习视频15集乾颐堂秦柯教主讲解的VPN实验 思科安全经典视频教程 思科VPN学习视频15集
Tech-Lab泰克实验室 专业华为CHNA云计算Cloud视频教程 虚拟化云计算视频教程Tech-Lab泰克实验室 专业华为CHNA云计算Cloud视频教程 虚拟化云计算视频教程
100多集完整学习最新虚拟化视频教程 概念安装配置冗余升级等 (vsphere精通视频下载)100多集完整学习最新虚拟化视频教程 概念安装配置冗余升级等 (vsphere精通视频下载)

Aruba ClearPass文档 Palo Alto Networks Advanced Deployment Use-Cases

  [复制链接]
查看: 792|回复: 168
开通VIP 免金币+免回帖+批量下载+无广告
Aruba ClearPass & Palo Alto Networks Advanced Deployment Use-Cases

Aruba ClearPass文档 Palo Alto Networks Advanced Deployment Use-Cases

Aruba ClearPass文档 Palo Alto Networks Advanced Deployment Use-Cases - 攻城狮论坛 - Aruba ClearPass文档 Palo Alto Networks Advanced Deployment Use-Cases

Table
of
Contents
Overview
......................................................................................................................................................................
4
Deploying
CPPM
and
PANW
Overview
......................................................................................................
4
CPPM
Config

A
very
short
recap
...........................................................................................................
5
Brief
review
of
CPPM
/
PANW
exchanged
attributes
.....................................................................
6
Advanced
Deployment
Scenario’s
.....................................................................................................................
8
PANW
Configuration
to
use
AD
Groups
to
enforce
policy
.................................................................
8
Configure
PANW
to
ingest
AD
Groups
information
.........................................................................
8
Configuring
PANW
Rules
to
limit
Access
for
AD
Groups
............................................................
10
PANW
Configuration
to
use
HIP
Objects
to
enforce
policy
............................................................
13
Useful
DEBUG/Info
Commands
for
AD
Group
configuration
on
PANW
..............................
16
CPPM
Configuration
to
support
Guest
MAC
Caching
auth
..............................................................
18
Overview
of
this
feature
...........................................................................................................................
18
Technical
Description
of
the
problem
and
the
resolution
.........................................................
18
Table
of
Figures
Figure
1
-‐
Summary
of
CPPM
configuration
steps
.....................................................................................
5
Figure
2
-‐
HIP
Objects
Options
............................................................................................................................
6
Figure
3
-‐
HIP
OS
Options
.....................................................................................................................................
7
Figure
4
-‐
Adding
an
LDAP
definition
for
AD
...............................................................................................
8
Figure
5
-‐
Defining
PANW
UserID
Group
Mapping
server
.....................................................................
9
Figure
6
-‐
Adding
AD
Group's
to
an
Include
Group
list
.........................................................................
10
Figure
7
-‐
Firewall
rule
'PLM-‐Block-‐Social'
................................................................................................
11
Figure
8
-‐
Firewall
rule
'PLM-‐Block-‐Social'
detailed
info
....................................................................
11
ClearPass
6.3.x
Tech
Note:
CPPM
with
PANW
deployment
scenarios
-‐
TechNote
Aruba
Networks
3
Figure
9
-‐
User
successfully
authenticating
against
AD
........................................................................
11
Figure
10
-‐
Details
of
user
carlos
in
AD
group
plm
.................................................................................
12
Figure
11
-‐
PANW
firewall
logs
shown
allow
and
block
for
traffic
..................................................
12
Figure
12
-‐
Unauthorized
access
attempt
shown
to
the
user
from
the
PANW
...........................
12
Figure
13
-‐
Create
a
HIP
Object
to
match
a
device
running
Windows
XP
.....................................
13
Figure
14
-‐
Adding
multiple
HIP
Objects
to
a
HIP
Report
....................................................................
14
Figure
15
-‐
PANW
firewall
policy
denying
XP
endpoints
based
upon
HIP
Report
...................
14
Figure
16
-‐
Details
behind
the
deny
rule
.....................................................................................................
14
Figure
17
-‐
Traffic
being
denied
based
upon
HIP
Object
data
...........................................................
15
Figure
18
-‐
Example
HIP
Object
sent
to
Palo
Alto
Networks
..............................................................
15
Figure
19
-‐
CLI
command
to
refresh
AD
group
data
..............................................................................
16
Figure
20

CLI
command
to
show
AD
groups
ingested
from
AD
....................................................
16
Figure
21
-‐
CLI
command
to
show
AD
groups
on
firewall
(short
output)
....................................
16
Figure
22
-‐
CLI
command
showing
actual
users
in
AD
groups
(TME)
...........................................
17
Figure
23
-‐
CLI
command
showing
actual
users
in
AD
groups
(PLM)
............................................
17
Figure
24

RADIUS
Enforcement
Profile
with
%{Endpoint:Username}
......................................
19
Figure
25
-‐
CPPM
enforcement
profile
for
PANW
endpoint
prior
to
CPPM
6.3.1
.....................
19
Figure
26
-‐
Pre
6.3.1
Session-‐Check
attributes
.........................................................................................
20
Figure
27
-‐
Post
6.3.1
Session-‐Check
attributes
.......................................................................................
20
Figure
28
-‐
PANW
enforcement
profile
PLUS
MAC
Cache
required
post
CPPM
6.3.1
.............
21



购买主题 已有 4 人购买  本主题需向作者支付 11 金币 才能浏览
CCNA考试 官方正规报名 仅需1500元
回复 论坛版权

使用道具 举报

Genesis [Lv6 略有所成] 发表于 2016-12-30 22:43:49 | 显示全部楼层
11111111111111111111
回复 支持 反对

使用道具 举报

Genesis [Lv6 略有所成] 发表于 2016-12-30 22:43:50 | 显示全部楼层
1111111111111111
回复 支持 反对

使用道具 举报

Genesis [Lv6 略有所成] 发表于 2016-12-30 22:43:51 | 显示全部楼层

2222222222

22222222222
回复 支持 反对

使用道具 举报

Genesis [Lv6 略有所成] 发表于 2016-12-30 22:44:42 | 显示全部楼层
33333333333

评分

参与人数 1金币 -10 收起 理由
宅男女神 -10 勿灌水!禁止纯拼音/纯表情/无意义字符!

查看全部评分

回复 支持 反对

使用道具 举报

聱菅绢隽戒 [Lv5 不断成长] 发表于 2016-12-30 23:41:43 | 显示全部楼层
学习了,谢谢分享、、、
回复 支持 反对

使用道具 举报

海皇CHICBOY [Lv7 精益求精] 发表于 2016-12-30 23:46:15 | 显示全部楼层
现在账号真不容易得到啊,所以看到楼主发帖一定要支持下~
回复 支持 反对

使用道具 举报

wonglaye [Lv5 不断成长] 发表于 2016-12-30 23:51:48 | 显示全部楼层
过来看看的,感谢攻城狮论坛
回复 支持 反对

使用道具 举报

monkeyman [Lv8 技术精悍] 发表于 2016-12-31 00:22:57 | 显示全部楼层
攻城狮论坛的资料就是全,在这里找不到的资料在其他网站也很难找到!
回复 支持 反对

使用道具 举报

monkeyman [Lv8 技术精悍] 发表于 2016-12-31 00:23:18 | 显示全部楼层
攻城狮论坛的资料就是全,在这里找不到的资料在其他网站也很难找到!
回复 支持 反对

使用道具 举报

您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

官方QQ群

QQ|无图浏览|手机版|网站地图|攻城狮论坛 ( 京ICP备12049419号 )|网站地图

GMT+8, 2017-4-29 19:12 , Processed in 0.284940 second(s), 30 queries , Gzip On, Memcache On.

Powered by Discuz! X3.2 © 2001-2013 Comsenz Inc.

Designed by ARTERY.cn