I am wondering what the best practice is for a control policy for the event "event inactivity-timeout-match-all" and what the differences are between using "clear-session" and "unauthorize". The Command Reference for IOS XE gives an example for both "clear-session" and "unauthorize" used in the event " event inactivity-timeout match-all". The IBNS 2.0 Deployment Guide shows three examples of using unauthorize for "event inactivity-timeout-match-all". Can you please explain the differences between clear-session and unauthorize and when I should use one over the other? Thank you!
... View more