About Policy Manager

The Policy Manager™ Access Management System provides a window into your network and covers all your access security requirements from a single platform. You get complete views of mobile devices and users and have total control over what they can access.

When using the Policy Manager WebUI, the recommended practice is to complete all required actions within a single browser tab. The browser tab displays the system's hostname. When you are working in multiple Policy Manager servers in different tabs, you can identify which server is in each tab.

If you change configuration settings within multiple tabs, there is an increased chance of data loss and potential impact to network access. Similarly, only one network admin should be logged in to Policy Manager at any time to avoid potential data loss and synchronization issues.

About ClearPass 6.12.x

ClearPass 6.12.0 is a Short Support Release (SSR). In a Short Support Release, HPE Aruba Networking introduces new features and new hardware, but does not "park" any hardware. An SSR version reaches End of Support on the date when the next SSR or LSR version is released, A maximum of two ClearPass releases are supported at any point in time: one Long Support Release (LSR) and one Short Support Release (SSR). For more information, see the HPE Aruba Networking End of Life Policy page.

If new to Policy Manager, refer to the following:

For a description of how to use the Dashboard, see Using the Dashboard.

For a list of common configuration tasks and pointers to information about how to perform each task, refer to Accessing Configuration Information.

If you are planning a new Policy Manager deployment, refer to the ClearPass Deployment Guide.

The Policy Manager Deployment Guide is organized in a way that presents the deployment and configuration sequences in the order in which Policy Manager deployment should take place, and makes the major deployment tasks easy to implement.

 

Periodic revisions to the Release Notes, Policy Manager User Guide, and Online Help are sometimes posted; however, some browsers might display a cached previous version. To ensure that you are viewing the latest version of the documentation, you may want to clear your browser’s download history and cached images and files.

With Policy Manager, IT can centrally manage network policies, automatically configure devices and distribute security certificates, admit guest users, assess device health, and even share information with third-party solutions—through a single pane of glass, on any network and without changing the current infrastructure.

The Policy Manager Access Management System provides a window into your network and covers all your access security requirements from a single platform. You get complete views of mobile devices and users and have total control over what they can access.

Policy Manager's key features are as follows:

Role-based, unified network access enforcement across multi-vendor wireless, wired and VPN Virtual Private Network. VPN enables secure access to a corporate network when located remotely. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security, and management policies of the private network. This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two. networks

Intuitive policy configuration templates and visibility troubleshooting tools

Supports multiple authentication/authorization sources (AD, LDAP Lightweight Directory Access Protocol. LDAP is a communication protocol that provides the ability to access and maintain distributed directory information services over a network., SQL dB Decibel. Unit of measure for sound or noise and is the difference or ratio between two signal levels.)

Self-service device onboarding The process of preparing a device for use on an enterprise network, by creating the appropriate access credentials and setting up the network connection parameters. with built-in certificate authority (CA Certificate Authority or Certification Authority. Entity in a public key infrastructure system that issues certificates to clients. A certificate signing request received by the CA is converted into a certificate when the CA adds a signature generated with a private key. See digital certificate.) for BYOD Bring Your Own Device. BYOD refers to the use of personal mobile devices within an enterprise network infrastructure.

Guest access with extensive customization, branding and sponsor-based approvals

Integration with key EMM/MDM Mobile Device Management. MDM is an administrative software to manage, monitor, and secure mobile devices of the employees in a network. solutions for in-depth device assessments

Comprehensive integration with the 360 Security Exchange Program

Single sign-on (SSO Single Sign-On. SSO is an access-control property that allows the users to log in once to access multiple related, but independent applications or systems to which they have privileges. The process authenticates the user across all allowed resources during their session, eliminating additional login prompts.) support works with Ping, and other identity management tools to improve user experience to SAML Security Assertion Markup Language. SAML is an XML-based framework for communicating user authentication, entitlement, and attribute information. SAML enables single sign-on by allowing users to authenticate at an identity provider and then access service providers without additional authentication. 2.0-based applications

The Policy Manager online help is updated periodically as new features become available. The table below describes the most recent updates:

Table 1: Policy Manager User Guide Revision History

Revision

Change Description

 

Revision 16

Updates for Policy Manager 6.12.3

September 2024

Revision 15

Updates for Policy Manager 6.12.2

May 2024

Revision 14

Updates for Policy Manager 6.12.1

February 2024

Revision 13

Updates for Policy Manager 6.12

December 2023

Revision 12

Updates for Policy Manager 6.11.6

November 2023

Revision 11

Updates for Policy Manager 6.11.5

September 2023

Revision 10

Updates for Policy Manager 6.11.4

July 2023

Revision 09

Updates for Policy Manager 6.11.3

May 2023

Revision 08

Updates for Policy Manager 6.11.2

March 2023

Revision 07

Updates for Policy Manager 6.11.1

December 2022

Revision 06

Updates for Policy Manager 6.11

October 2022

Revision 05

Updates for Policy Manager 6.10.1

September 2021

Revision 04

Reformatted

Updates for Policy Manager 6.7.4

August 2018

Revision 03

Updates for Policy Manager 6.6.7

September 2017

Revision 02

Updates for Policy Manager 6.5

March 2015

Revision 01

Initial Release

October 2014

Use of Cookies

Cookies are small text files that are placed on a user’s computer by web sites the user visits. They are widely used in order to make web sites work, or work more efficiently, as well as to provide information to the owners of a site. Session cookies are temporary cookies that last only for the duration of one user session.

When a user registers or logs in via a Hewlett Packard Enterprise (HPE) captive portal A captive portal is a web page that allows the users to authenticate and sign in before connecting to a public-access network. Captive portals are typically used by business centers, airports, hotel lobbies, coffee shops, and other venues that offer free Wi-Fi hotspots for the guest users., HPE uses session cookies solely to remember between clicks who a guest or operator is. HPE uses this information in a way that does not identify any user-specific information, and does not make any attempt to find out the identities of those using its Policy Manager products. HPE does not associate any data gathered by the cookie with any personally identifiable information (PII) from any source. HPE uses session cookies only during the user’s active session and does not store any permanent cookies on a user’s computer. Session cookies are deleted when the user closes his or her web browser.

Open Source Code

This product includes code licensed under the GNU General Public License, the GNU Lesser General Public License, and/or certain other open source licenses. A complete machine-readable copy of the source code corresponding to such code is available upon request. This offer is valid to anyone in receipt of this information and shall expire three years following the date of the final distribution of this product version by Hewlett-Packard Enterprise Company. To obtain such source code, send a check or money order in the amount of US $10.00 to:

Hewlett Packard Enterprise Company
Attn: General Counsel
1701 East Mossy Oaks Road
Spring, Texas 77389
USA