Legal Disclaimer: The resource assets in this website may include abbreviated and/or legacy terminology for HPE Aruba Networking products. See www.arubanetworks.com for current and complete HPE Aruba Networking product lines and names.
Web-based Health Check Only Service
This type of service is the same as the
service except that there is no authentication performed; only health check are performed.The internal service rule
categorizes requests into this type of service.The external service rule
is automatically added when you select this type of service.For more information, see Web-Based Authentication Service.
Creating the Service
To create a
service:1. Navigate to > , then select the link.
The
page opens.2. From the drop-down, select the service.
The
service configuration dialog opens:Figure 1 Web-Based Health Check Only Service Configuration Dialog
3. Specify the tab parameters as described in the following table:
Parameter |
Action/Description |
Type |
From the drop-down list, select . |
Name |
Enter the name of the service. |
Description |
Provide additional information that helps to identify the service. |
Monitor Mode |
Select the check box to monitor network access activity without enforcement. |
More Options |
Check these boxes to access the additional configuration tabs: Authorization Posture Compliance |
|
|
Type |
Select one of the following service rule types: Authentication Connection Date Device Host Endpoint |
Name |
Select the name of the service rule from the drop-down list. |
Operator |
Select an appropriate operator from the list of operators for the data type of the attribute. |
Value |
Select the value from the drop-down list. The value list depends on the operator selected. |
Service Rule > Web-Based Authentication Host Attributes
The following table describes the list of other attributes that can be used to create host services based on the client's information.
Attribute Name |
Description |
AgentType |
Specifies the type of OnGuard Agent. This attribute provides a way to define a separate service for each OnGuard Agent Type. The supported values are: : OnGuard Agent : OnGuard Agent running as a service : Native Dissolvable Agent : Java Dissolvable Agent |
Agent Version |
OnGuard Agent version. This attribute can be used to create a service based on the OnGuard Agent version. |
CheckType |
Specifies the type of check OnGuard Agent is performing based on the OnGuard Settings and Agent Library Updates). setting in the OnGuard Settings page (for details, seeFor , the value of this attribute is . The supported values are:: OnGuard Agent is performing authentication; that is, the request contains credentials. : OnGuard Agent is performing health checks; that is, the request contains Posture information.
|
Indicates the Fully Qualified Domain Name of the client. |
|
HealthCheckLevel |
Indicates the level of health checks performed by OnGuard Agent; that is, whether the user is logged in at the time of health check or not. This attribute can be used to see the health check level when OnGuard Agent is running as or .not logged in when health checks are being run. : The user is: The user is logged in when health checks are being run. |
Installed SHAs |
Specifies the SHAs installed on the client. |
InterfaceType |
Specifies the type of . This attribute can be used to define different services based on Network Interface type. The supported values are:
|
LastHealthStatus |
Most recent Health status. Value can be from one of the following Healthy Quarrantine Unknown |
LastHealthStatusTimeStamp | Timestamp of last health status in epoch format, For example,12 PM on 2 December, 2021 would be 1638446400. |
LastHealthStatusDateTime | Timestamp of last health status in date/time format. |
Machine Type |
Identify the device as one of the following types: Desktop Laptop Virtual Machine Server Other Unknown |
Name |
This is the host name of the client (without the domain name). |
OSArch |
Specifies whether the client is running a 32-bit or 64-bit OS. The supported values are: : 32-bit OS : 64-bit OS |
OSName |
Indicates the full Operating System name. This attribute can be used to create services for a specific OS. For example, you can use this attribute to differentiate between Windows 8 and Windows 8.1 |
OSNameVersion |
Provides the Windows OS name and the build version. This attribute can be used to create different Posture policies for different Windows 10 versions such as or . |
OSType |
Specifies the Operating System type. The supported values are:
|
SDKType |
Specifies the SDK Software Developer Toolkit; Software tools and programs used to develop software for a particular platform. type. For example, you can specify that the SDK Software Developer Toolkit; Software tools and programs used to develop software for a particular platform. type equals . For related information, see Upgrading From OnGuard Plugin Version 1.0 to 2.0. |
SDKVersion |
Specifies the SDK Software Developer Toolkit; Software tools and programs used to develop software for a particular platform. version. |
SerialNumber |
Specifies the serial number of the client. |
ServerCertificateCheck |
This attribute's value shows the status of the Policy Manager Server Certificate Check performed by OnGuard agent while sending a WebAuth request to the Policy Manager server.This attribute can also be used in a Service Classification. The value of this attribute can be one of the following: Policy Manager Server Certificate. : OnGuard Agent successfully verified thePolicy Manager Server Certificate. : OnGuard Agent failed to verify the |
UserAgent |
The value of this attribute contains both the and . For example, OnGuard 6.7.0.89660. |