Legal Disclaimer: The resource assets in this website may include abbreviated and/or legacy terminology for HPE Aruba Networking products. See www.arubanetworks.com for current and complete HPE Aruba Networking product lines and names.
Event-Based Enforcement Service
The Policy Manager performs enforcement operations as configured; for example, executing a dynamic authorization Dynamic authorization refers to the ability to make changes to a visitor account’s session while it is in progress. This might include disconnecting a session or updating some aspect of the authorization for the session. (DA) to disconnect a suspicious user from the network.To add an event-based enforcement service:
service manages enforcement actions in response to threat-event processing. When there is a suspicious user, this user could represent a common DOS attack or some other threat. When a threat is detected,1. Navigate to > . The page appears. The page provides options to add, modify, and remove a service.
2. To add the service, click . The dialog appears.
3. From the drop-down list, select (see Figure 1).
Figure 1 Specifying Event -Based Enforcement
4. Enter the name or label of the event-based enforcement service.
5. Enter the values for any other parameters, including service rules, required for this service.
Associating the Service with an Enforcement Policy
After you create the event-based enforcement service, you must associate the service with an enforcement policy. You can do this from the
> page.1. When finished with the parameter settings on the > page, click .The > page appears.
2. From the > page, you can either select an existing enforcement policy or create a new one.
Figure 2 Selecting the Ingress Events Enforcement Policy
3. From the drop-down list, select the appropriate Event Enforcement policy.
4. If you have not configured Event-type Enforcement policies, click to create a new enforcement policy.
5. Specify the values for the remaining parameters as described in Table 1, then click .
Parameter |
Description |
Use Cached Results |
1. Select this check box to use cached roles and posture attributes from previous sessions. |
Enforcement Policy |
2. From the drop-down list, select the preconfigured enforcement policy. This is mandatory. |
|
|
Description |
Displays additional information about the selected enforcement policy. |
Default Profile |
Displays a default profile applied by . |
Rules Evaluation Algorithm |
Shows first matched rule and return the role or select all matched rules and return a set of roles. |