Security

This is a short technote on Ingress threat protection with ClearPass. 

Here we'll go through the basics of enabling ingress event processing service, so that ClearPass can receive the relevant threat info from firewalls and then enforce the restriction for the corresponding wireless/wired user, devices, or things. The firewall events will be coming in form of SYSLOG messages which ClearPass will parse and act based on a configured policy.

Hope you'll find it useful and as always please send through your feedback for improvement.

------------------------------
If my post was useful accept solution and/or give kudos.
Any opinions expressed here are solely my own and not necessarily that of HPE or Aruba.
------------------------------

Apart from the ingress event dictionaries built in to the platform, additional ones are available here : https://github.com/aruba/clearpass-exchange-snippets/tree/master/ingress-event-dictionaries

Original Message:
Sent: Feb 04, 2024 06:10 PM
From: ariyap
Subject: [TUTORIAL] ClearPass Ingress Threat Protection with Checkpoint

This is a short technote on Ingress threat protection with ClearPass. 

Here we'll go through the basics of enabling ingress event processing service, so that ClearPass can receive the relevant threat info from firewalls and then enforce the restriction for the corresponding wireless/wired user, devices, or things. The firewall events will be coming in form of SYSLOG messages which ClearPass will parse and act based on a configured policy.

Hope you'll find it useful and as always please send through your feedback for improvement.

------------------------------
If my post was useful accept solution and/or give kudos.
Any opinions expressed here are solely my own and not necessarily that of HPE or Aruba.
------------------------------