Aruba ClearPass Integration Guide

The Aruba ClearPass Policy Manager™ platform provides role- and device-based network access control for employees, contractors and guests across any wired, wireless and VPN infrastructure. This guide explains how ClearPass Policy Manager can deliver proactive alerts to PagerDuty and ensure the right staff are informed of an event happening on your network in real time. Users are able to keep their help desk and support staff informed of any policy triggers in play in real-time and ensure the correct support response is delivered. This integration has been tested on ClearPass 6.3.4.

In PagerDuty

1. From the Configuration menu, select Services. 
2. On your Services page:

   If you are creating a new service for your integration, click +Add New Service.

   If you are adding your integration to an existing service, click the name of the service you want to add the integration to. Then click the Integrations tab and click the +New Integration button.




3. Select your app from the Integration Type menu and enter an Integration Name.

   If you are creating a new service for your integration, in General Settings, enter a Name for your new service. Then, in Incident Settings, specify the Escalation Policy, Notification Urgency, and Incident Behavior for your new service.

4. Click the Add Service or Add Integration button to save your new integration. You will be redirected to the Integrations page for your service.
   
5. Copy the Integration Key for your new integration:

In ClearPass

1. Go to the ClearPass Solutions Exchange PagerDuty page and in the “PagerDuty API credentials” tab, enter your integration key:
   
2. In the Create Event Template tab, enter your ClearPass fully qualified domain name (FQDN) or IP address, as well as your Event Message and Trigger Action Name.
   
3. From the Configuration tab download the generated XML configuration files that include all the details specific to your deployment. The following configuration files should be available to download: CPPM 6.3 Endpoint Context Server Import Config.xml and CPPM 6.3 Enforcement Profile Config.xml.
4. From the ClearPass Policy Manager administrative user interface, browse to the Administration > External Servers > Endpoint Context Servers page and click on the Import Context Servers button shown in the top right hand corner.
   

5. From the Import from file window, select the configuration XML file downloaded from the previous step and then click the Import button. The result of the import should show that a new Endpoint Context Server and Context Server Action were both successfully created.
   

6. In order to take advantage of this new ClearPass Exchange API definition as part of a dynamic policy enforcement, a new Enforcement Profile needs to be created to take advantage of this API integration. From the ClearPass Policy Manager administrative user interface, browse to the Configuration > Enforcement > Profiles page and click on the Import Enforcement Profiles button shown in the top right hand corner.

   

7. From the Import from file window, select the configuration XML file downloaded from the previous step and then click the Import button. The result of the import should show that a new Generic Enforcement Policy was successfully created.

   

8. ClearPass Exchange now allows customers to extend their business rules to include policy enforcement beyond just the network and integration with all sorts of 3rd party systems to create new and engaging workflows for enterprise users. Looking at an existing Enforcement Policy rule below, we can see that the new HTTP based enforcement profile can be easily added along side the existing network centric RADIUS enforcement policy.

   

In this example the business rule being enforced is trigger by a device connected that has been determined to not be no longer enrolled in the enterprise MDM solution and the device is being quarantined using RADIUS (Enforce MDM Enrollment) and redirected to the MDM enrollment workflow. ClearPass Exchange is adding to this network enforcement by also triggering an outbound event notification (Create PagerDuty Event Trigger) which will be routed to the appropriate escalation resource within the PagerDuty system. Based on the PagerDuty user’s configuration options, the alert may be delivered via email, SMS, Push notification, phone call or a combination of these options.

For more information on implementing your business rules as part of ClearPass Enforcement Policies, please refer to the User Guide.