Security

Hi team,

Can you tell me how to limit the number of devices that a guest account can be online at the same time? I've created a self-registration page for users and now want to limit the use of accounts after registration to one device to prevent account sharing and abuse. If a guest contributes his registered account to someone else, the other person will be denied permission to sign in with that account.

I tried to set a Unique-Device-Count  GREATER_THAN  1, but it looks like unuseful.

------------------------------
Hevin Huo
------------------------------

Hi Hevin,
When you create the service for Guest using Service Template/Wizard,  In "Access Restrictions" tab, you can set the "Maximum number of devices allowed per user" to 1.
This will restrict the each guest user account to 1 device.


------------------------------
Kapildev Erampu
PreSales Consultant
Aruba, a Hewlett Packard Enterprise company
Sydney, Australia.
Any opinions expressed here are solely my own and not necessarily that of HPE
------------------------------

Hi Kapildev,

How do I manually create this enforcement profile to restrict devices? Maybe that was very helpful for me to understand how it works.

------------------------------
Hevin Huo
------------------------------

Original Message:
Sent: Jun 02, 2022 08:47 AM
From: Kapildev Erampu
Subject: CP Guest access

Hi Hevin,
When you create the service for Guest using Service Template/Wizard,  In "Access Restrictions" tab, you can set the "Maximum number of devices allowed per user" to 1.
This will restrict the each guest user account to 1 device.


------------------------------
Kapildev Erampu
PreSales Consultant
Aruba, a Hewlett Packard Enterprise company
Sydney, Australia.
Any opinions expressed here are solely my own and not necessarily that of HPE
------------------------------

I'm not sure what version of ClearPass you are using or if you're reached out to a local SE for assistance.

Here is the link to the ClearPass Configuration Guide [6.8].

https://www.arubanetworks.com/techdocs/ClearPass/6.8/PolicyManager/index.htm#CPPM_UserGuide/Enforce/EPSession_Restrictions.htm

The screen-shot shared by Kapildev is shown only during the initial configuration of the Guest with Mac Auth Service.

For simplicity, I created a sample policy [Enforcement-> Policies] to show where it can be modified.


I hope this helps...





------------------------------
Shieva Eccles
------------------------------

Original Message:
Sent: Jun 02, 2022 01:14 PM
From: Hevin Huo
Subject: CP Guest access

Hi Kapildev,

How do I manually create this enforcement profile to restrict devices? Maybe that was very helpful for me to understand how it works.

------------------------------
Hevin Huo
------------------------------


Original Message:
Sent: Jun 02, 2022 08:47 AM
From: Kapildev Erampu
Subject: CP Guest access

Hi Hevin,
When you create the service for Guest using Service Template/Wizard,  In "Access Restrictions" tab, you can set the "Maximum number of devices allowed per user" to 1.
This will restrict the each guest user account to 1 device.


------------------------------
Kapildev Erampu
PreSales Consultant
Aruba, a Hewlett Packard Enterprise company
Sydney, Australia.
Any opinions expressed here are solely my own and not necessarily that of HPE