About the connector
Aruba ClearPass is a policy management platform that enables businesses to effortlessly onboard new devices, grant varying access levels, and keep their networks secure. ClearPass allows you to safely connect business and personal devices to your network in compliance with your security policies.
This document provides information about the Aruba ClearPass connector, which facilitates automated interactions, with an Aruba ClearPass server using FortiSOAR™ playbooks. Add the Aruba ClearPass connector as a step in FortiSOAR™ playbooks and perform automated operations such as retrieving a collection of all currently managed guest accounts from Aruba ClearPass, terminating an active session in the Aruba ClearPass, updating the status of a specific connected endpoint in the Aruba ClearPass network, etc.
Version information
Connector Version: 1.0.0
Authored By: Community
Certified: No
Installing the connector
From FortiSOAR™ 5.0.0 onwards, use the Connector Store to install the connector. For the detailed procedure to install a connector, click here.
You can also use the yum command as a root user to install the connector:
yum install cyops-connector-aruba-clearpass
Prerequisites to configuring the connector
- You must have the IP address or FQDN of the Aruba ClearPass server to which you will connect and perform automated operations.
- You must also have the client ID from your client app definition and the client secret or username-password pair to connect to Aruba ClearPass.
- The FortiSOAR™ server should have outbound connectivity to port 443 on the Aruba ClearPass server.
Minimum Permissions Required
Configuring the connector
For the procedure to configure a connector, click here
Configuration parameters
In FortiSOAR™, on the Connectors page, click the Aruba ClearPass connector row (if you are in the Grid view on the Connectors page), and in the Configurations tab enter the required configuration details:
| Parameter |
Description |
| Server Address |
IP address or FQDN of the Aruba ClearPass server to which you will connect and perform the automated operations. |
| Client ID |
The client ID from your Aruba API client app definition. |
| Authorization Grant Type |
Select the Aruba ClearPass authentication type either Client Secret or Username-Password pair that you will use to access Aruba ClearPass.
- If you choose 'Client Secret', then in the Client Secret field specify the client secret from your Aruba API client app definition. The client secret is required if the API client definition is not configured as a public client.
- If you choose 'Username/Password', then enter details in the following parameters:
- In the Username field, enter the username to access the Aruba ClearPass server to which you will connect and perform the automated operations.
- In the Password field, enter the password to access the Aruba ClearPass server to which you will connect and perform the automated operations.
|
| Verify SSL |
Specifies whether the SSL certificate for the server is to be verified or not.
By default, this option is set as True. |
Actions supported by the connector
The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 and onwards:
| Function |
Description |
Annotation and Category |
| Get List of Guests |
Retrieves the collection of all currently managed guest accounts from Aruba ClearPass. |
list_guests
Investigation |
| Get Guest Details |
Retrieves details of a specific guest account from Aruba ClearPass based on the Guest ID you have specified. |
get_guest_details
Investigation |
| List Endpoint |
Retrieves the list of all connected endpoints on the Aruba ClearPass network. |
list_endpoints
Investigation |
| Get Endpoint Detail |
Retrieves details of a specific endpoint from Aruba ClearPass based on the Endpoint ID you have specified. |
get_endpoint_details
Investigation |
| Update Endpoint Status |
Updates the status of a specific connected endpoint in the Aruba ClearPass network based on the Endpoint ID and status you have specified. |
update_endpoint_status
Investigation |
| List Sessions |
Retrieves a list of all active sessions from the Aruba ClearPass network. |
list_sessions
Investigation |
| Terminate Sessions |
Terminates an active session in the Aruba ClearPass network based on the Session ID you have specified. |
terminate_session
Investigation |
operation: Get List of Guests
Input parameters
None.
Output
The output contains a non-dictionary value.
operation: Get Guest Details
Input parameters
| Parameter |
Description |
| Guest ID |
The ID of the guest whose details you want to retrieve from Aruba ClearPass. |
Output
The output contains a non-dictionary value.
operation: List Endpoint
Input parameters
None.
Output
The output contains the following populated JSON schema:
{
"_links": {
"self": {
"href": ""
},
"first": {
"href": ""
}
},
"_embedded": {
"items": [
{
"id": "",
"mac_address": "",
"status": "",
"device_insight_tags": [],
"attributes": {},
"_links": {
"self": {
"href": ""
}
}
}
]
}
}
operation: Get Endpoint Detail
Input parameters
| Parameter |
Description |
| Endpoint ID |
The ID of the endpoint whose details you want to retrieve from Aruba ClearPass. |
Output
The output contains the following populated JSON schema:
{
"id": "",
"mac_address": "",
"status": "",
"device_insight_tags": [],
"attributes": {},
"_links": {
"self": {
"href": ""
}
}
}
operation: Update Endpoint Status
Input parameters
| Parameter |
Description |
| Endpoint ID |
The ID of the endpoint whose status you want to update in the Aruba ClearPass network. |
| Endpoint Status |
Select the status that you want to update in the specific endpoint in the Aruba ClearPass network. You can choose from the following options: Known, Unknown, or Disabled. |
| Description |
Specify that description that you want to add while updating the status of the specific endpoint in the Aruba ClearPass network. |
Output
The output contains a non-dictionary value.
operation: List Sessions
Input parameters
None.
Output
The output contains the following populated JSON schema:
{
"_links": {
"self": {
"href": ""
},
"first": {
"href": ""
}
},
"_embedded": {
"items": [
{
"id": "",
"ssid": "",
"state": "",
"_links": {
"self": {
"href": ""
}
},
"ap_name": "",
"nas_name": "",
"username": "",
"cppm_uuid": "",
"nasportid": "",
"role_name": "",
"updated_at": "",
"mac_address": "",
"nasporttype": "",
"servicetype": "",
"acctstoptime": "",
"nasipaddress": "",
"sponsor_name": "",
"visitor_name": "",
"acctsessionid": "",
"acctstarttime": "",
"arubauserrole": "",
"arubauservlan": "",
"sponsor_email": "",
"total_traffic": "",
"visitor_phone": "",
"acctinputoctets": "",
"acctsessiontime": "",
"calledstationid": "",
"framedipaddress": "",
"visitor_carrier": "",
"visitor_company": "",
"acctoutputoctets": "",
"callingstationid": "",
"acctterminatecause": "",
"sponsor_profile_name": ""
}
]
}
}
operation: Terminate Sessions
Input parameters
| Parameter |
Description |
| Session ID |
The ID of the session that you want to terminate from the Aruba ClearPass network. |
Output
The output contains a non-dictionary value.
Included playbooks
The Sample - Aruba ClearPass - 1.0.0 playbook collection comes bundled with the Aruba ClearPass connector. These playbooks contain steps using which you can perform all supported actions. You can see bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Aruba ClearPass connector.
- Get Endpoint Detail
- Get Guest Details
- Get List of Guests
- List Endpoint
- List Sessions
- Terminate Sessions
- Update Endpoint Status
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.
