Security

Reply
Frequent Contributor I

Advanced AirGroup sharing (AND)

We started to explore user certificates with eap-tls as an option for devices that clients don't want their username/pw stored on.  The issue has came up that these devices would have access to the clients' personal airgroup devices, which may or may not be desired.  These eap-tls devices are in different roles, but I would need a sharing option to limit airgroup access to a Username AND Role, not just Username or Role.  Any thoughts?

 

thanks

mike

 

 

Mike Davis
Network Engineer
University of Delaware
Guru Elite

Re: Advanced AirGroup sharing (AND)

You'd need to use the Shared context instead for personal. Personal is only available to the person who registered the device and optionally, up to 10 additional individual users.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Frequent Contributor I

Re: Advanced AirGroup sharing (AND)

So if I used the Shared context and put a role there along with my Username, will my device be shared to my Username AND any device in the role, or my Username OR any device in the role?

Mike Davis
Network Engineer
University of Delaware
Guru Elite

Re: Advanced AirGroup sharing (AND)

OR

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Frequent Contributor I

Re: Advanced AirGroup sharing (AND)

So am I missing your suggestion with the Shared context, or I'm back to my original question, how do I get an AND functionality for limiting sharing? 

Mike Davis
Network Engineer
University of Delaware
Guru Elite

Re: Advanced AirGroup sharing (AND)

You can't.

 

Can you explain the use case / type of user/device?


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: