​​​

By integrating the controller with an external policy manager such as Aruba ClearPass Policy Manager, you can get information about a client device based on its activity in the network. Aruba ClearPass Policy manager can push information about a client device to any other server using its REST API. A client device could be a laptop, desktop, any wireless device, or any server that is connected to the network. Events are generated based on a user login, logout or rejected event.

The Client Mapper Service is an internal controller application that combines information known about a network client by the controller, such as host IP address, host MAC addresses, and the connected datapath and port, with information about the network client known by an outside policy manager, such as the Aruba ClearPass Policy Manager, to provide information about network clients, including user information, device information, and location information. External SDN applications can use the information about a client and perform appropriate actions. Currently the information is available on the controller via the REST API only. For REST API details, see the HPE VAN SDN Controller REST API Reference.

To integrate the controller with Aruba ClearPass Policy Manager, you must configure ClearPass Policy Manager to use the controller as the external server. You must also configure ClearPass Policy Manager to use the controller’s Client Mapper Service POST REST API to post user events. For every event posted to the controller by the Aruba ClearPass Policy Manager, the Client Mapper Service posts a corresponding ClientEvent to the controller. For details on configuring ClearPass Policy Manager to meet these requirements, see the Aruba ClearPass Policy Manager documentation.

Authentication of Client Mapper Service related REST API requests can be either token-based authentication or client certificate-based authentication. For details, see REST authentication.