emea airheads- clearpass extensions and how they can help
Post on 05-Apr-2017
193 Views
Preview:
TRANSCRIPT
CLEARPASS EXTENSIONS
Technical Climb Webinar10:00 GMT | 11:00 CET | 13:00 GSTMarch 28th, 2017
Presenter: Chandrakanth Narayanabhatla
Principal Network Engineer
chandrakanthn@hpe.com
INTRODUCTION TO EXTENSIONS
3
What are ClearPass Extensions
Extensions are like add-ons to ClearPass which run independently, allowing ClearPass to interact with any internal/external applications in real-time, enabling it to deliver different kinds of services
Some examples of ClearPass Extensions
• ClearPass Envoy Integration• Intel McAfee ePolicy Orchestrator Integration• Microsoft Intune MDM Integration• Amazon Alexa Integration• RadSec Proxy
4
Features of Extensions
− They allow ClearPass to interact with most applications that support APIs− You don’t have to wait for the software release cycle of ClearPass to integrate
with a new 3rd party application− Data is fetched in real time without having to wait for a polling interval− Ability to install only the extensions we are interested in− Monitor/debug/restart specific extensions linked to a functionality without
affecting ClearPass core functions.− Extend the core functionality of modules like Radius in features like RadSec
where the extension can act as a bridge between NAD devices and the Radius module
ARCHITECTURE OF EXTENSIONS
6
How do Extensions work
• Each ClearPass extension is a Docker container running independently
• Docker is an open platform to build, ship and run distributed applications
• A Docker container is a package of applications designated to run for a specific purpose
7
Interacting with Clearpass Extensions
The API Explorer can be accessed using https://<ClearPass IP/Hostname>/api-docs
STEPS FOR INSTALLING AN EXTENSION
9
Prerequisites for installing an Extension
• Extensions are available on ClearPass starting from version 6.6
• An operator profile with privileges to install and work with extensions needs to be created
• * Please note that the privileges needed for the operator profile could vary slightly depending on the Extension
10
Prerequisites for installing an Extension
• Using that operator profile we need to create an API client
11
Prerequisites for installing an Extension
• Once the API Client is created you should see an option called “Generate Access Token” which should generate an oauth access token that can be used to make the REST API calls
12
Prerequisites for installing an Extension
• Before we make the required api call to install the Extension, we need to know the store_id of the extension we are planning to install, for instance the store_id for the Intune MDM Extension is b3b8622c-be88-4846-847a-7e10ac74bc0f
• We also need to make sure ClearPass has access to the following destinations when installing an Extension
extensions.clearpassbeta.com *.docker.io *.cloudfront.net
EXTENSION INSTALLATION DEMO
WORKING OF AN EXTENSIONDEMO
MONITORING AND DEBUGGING EXTENSIONS
top related