Educause Security Discussion mailing list archives
Re: Bulk blocking of all devices in Aruba ClearPass?
From: Catherine Ullman <cende () BUFFALO EDU>
Date: Wed, 9 Jun 2021 16:27:57 +0000
Hi Jennifer, Thank you for your insights! Best, Cathy From: Jennifer Minella <jjx () cadinc com> Sent: Wednesday, June 9, 2021 12:16 PM To: Catherine Ullman <cende () buffalo edu> Cc: SECURITY () LISTSERV EDUCAUSE EDU Subject: RE: Bulk blocking of all devices in Aruba ClearPass? Hi Catherine, The policy someone mentioned is the mechanism within ClearPass and they may have provided some additional info covering what you need. Outside of that, there are a few options/ways in which to feed that information to a NAC solutions. You can typically get posture info in a few ways: - From the posture agent within ClearPass (OnGuard) - From a supported MDM with direct integration - From an API, log, or other external trigger with custom rules (e.g. from SIEM, firewall, endpoint security platform) You may also want to check on the WIRELESS group WIRELESS-LAN () LISTSERV EDUCAUSE EDU <mailto:WIRELESS-LAN () LISTSERV EDUCAUSE EDU> , I see a lot of ClearPass conversations there. Hope that helps! -jj ___________ Jennifer Minella, CISSP VP of Engineering & Security Carolina Advanced Digital, Inc. <https://nam12.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.cadinc .com%2F&data=04%7C01%7Ccende%40buffalo.edu%7Cc024de1dfca54cf48c9b08d92b61ea9 1%7C96464a8af8ed40b199e25f6b50a20250%7C0%7C0%7C637588521841954648%7CUnknown% 7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn 0%3D%7C1000&sdata=5bTzYkpRHIhK%2BSs49%2F32GN28BHDPc2qVpQTnpc6nEJo%3D&reserve d=0> www.cadinc.com <mailto:jjx () cadinc com> jjx () cadinc com 919.460.1313 Main Office 919.539.2726 Mobile/text From: Catherine Ullman <cende () BUFFALO EDU> Sent: Tuesday, June 8, 2021 3:16 PM Subject: Bulk blocking of all devices in Aruba ClearPass? Greetings! I've been asked to reach out and ask whether any of your institutions who use Aruba Clearpass have a policy or procedure for bulk blocking of devices in the event of something like a ransomware attack. If you do any of you have such a thing, are you willing to share? Thank you in advance! Best, Cathy Dr. Catherine J Ullman Senior Information Security Forensic Analyst Information Security Office University at Buffalo cende () buffalo edu <mailto:cende () buffalo edu> ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community <https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.educa use.edu%2Fcommunity&data=04%7C01%7Ccende%40buffalo.edu%7Cc024de1dfca54cf48c9 b08d92b61ea91%7C96464a8af8ed40b199e25f6b50a20250%7C0%7C0%7C63758852184196460 3%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haW wiLCJXVCI6Mn0%3D%7C1000&sdata=yzfg9DGKSNZH5zeP%2BSlps4b8DzIQDI%2B7gBX89E%2FL zds%3D&reserved=0> ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Attachment:
smime.p7s
Description:
Current thread:
- Bulk blocking of all devices in Aruba ClearPass? Catherine Ullman (Jun 08)
- Re: Bulk blocking of all devices in Aruba ClearPass? Patel,Chintan (Jun 08)
- Re: Bulk blocking of all devices in Aruba ClearPass? Michael Avers (Jun 08)
- Re: Bulk blocking of all devices in Aruba ClearPass? Steve Smith (Jun 08)
- <Possible follow-ups>
- Re: Bulk blocking of all devices in Aruba ClearPass? Jennifer Minella (Jun 09)
- Re: Bulk blocking of all devices in Aruba ClearPass? Catherine Ullman (Jun 09)