Security

last person joined: 19 hours ago 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Advanced AirGroup sharing (AND)

This thread has been viewed 0 times

  • 1.  Advanced AirGroup sharing (AND)

    Posted Aug 31, 2017 07:25 AM

    We started to explore user certificates with eap-tls as an option for devices that clients don't want their username/pw stored on.  The issue has came up that these devices would have access to the clients' personal airgroup devices, which may or may not be desired.  These eap-tls devices are in different roles, but I would need a sharing option to limit airgroup access to a Username AND Role, not just Username or Role.  Any thoughts?

     

    thanks

    mike

     

     



  • 2.  RE: Advanced AirGroup sharing (AND)

    EMPLOYEE
    Posted Aug 31, 2017 07:40 AM
    You'd need to use the Shared context instead for personal. Personal is only available to the person who registered the device and optionally, up to 10 additional individual users.


  • 3.  RE: Advanced AirGroup sharing (AND)

    Posted Aug 31, 2017 08:50 AM

    So if I used the Shared context and put a role there along with my Username, will my device be shared to my Username AND any device in the role, or my Username OR any device in the role?



  • 4.  RE: Advanced AirGroup sharing (AND)

    EMPLOYEE
    Posted Aug 31, 2017 08:53 AM
    OR


  • 5.  RE: Advanced AirGroup sharing (AND)

    Posted Aug 31, 2017 09:02 AM

    So am I missing your suggestion with the Shared context, or I'm back to my original question, how do I get an AND functionality for limiting sharing? 



  • 6.  RE: Advanced AirGroup sharing (AND)

    EMPLOYEE
    Posted Aug 31, 2017 09:06 AM

    You can't.

     

    Can you explain the use case / type of user/device?