ClearPass - Network Access Control (NAC) based on Windows Client OS Version and Build number
How to manage Windows client network access based on their OS version and build number in CPPM Enforcement Policies Summary: for enforcement policy to be based on "Windows OS Build version" you will need to implement OnGuard, and via the Health Check Service you will be able to witness the Windows Build version. You will need to create a new Endpoint record to store these details, then create an Enforcement Profile to store the information in the EndpointDB. From there you can then use roll mapping policies that reference the build number in your services. From CPPM > Monitoring > Live Monitoring > Access Tracker > find a relevant Source = WEBAUTH, Service = Health Check Service record and open it to the Input tab Scroll down to the Computed Attributes section, here you can find version information collected by OnGuard agent in the Endpoint such as: Host: OSArch x86_64 Host: OSName Microsoft Windows 10 Enterprise Ed