Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Authentication via Secure Channel

This thread has been viewed 0 times

  • 1.  Authentication via Secure Channel

    Posted Oct 24, 2017 10:19 PM
    Hi Guys,
    Have some question. My AD is using data signing feature to have secure communication to the domain endpoints.

    Now, I will put in between the AD and the domain endpoints the ClearPass. Does ClearPass can still authenticate the domain endpoints even if the data signing feature of AD is turned-on?

    Thanks


  • 2.  RE: Authentication via Secure Channel

    EMPLOYEE
    Posted Oct 24, 2017 10:22 PM
    LDAPS is between ClearPass and your Active Directory environment. Your EAP method choice will determine credential security between the client device and ClearPass.


  • 3.  RE: Authentication via Secure Channel

    Posted Oct 24, 2017 11:36 PM

    Hi cappalli,

    thanks for the feedback.

    so meaning, clearpass can still authenticate even if AD has Data Signing enabled?

    thanks



  • 4.  RE: Authentication via Secure Channel

    EMPLOYEE
    Posted Oct 24, 2017 11:39 PM
    If it's just LDAPS, yes. Never heard of it referred to as that before.


  • 5.  RE: Authentication via Secure Channel

    Posted Oct 24, 2017 11:45 PM

    hi cappalli,

    yes we are using AD over SSL (port 636) between CPPM and AD however, in the AD itself the data signing feature is turned-on.



  • 6.  RE: Authentication via Secure Channel

    EMPLOYEE
    Posted Oct 24, 2017 11:48 PM
    I'm not familiar with that feature. Link?


  • 7.  RE: Authentication via Secure Channel

    Posted Oct 25, 2017 12:00 AM

    hi cappalli,

    actually i am not familiar also since i am not an AD guy.

    maybe you can look ino this link.

    https://technet.microsoft.com/en-us/library/jj852234(v=ws.11).aspx

    thanks



  • 8.  RE: Authentication via Secure Channel

    Posted Oct 25, 2017 12:01 AM

    hi cappalli,

    actually i am not familiar also since i am not an AD guy.

    maybe you can look ino this link.

     

    https://technet.microsoft.com/en-us/library/jj852234(v=ws.11).aspx

     

    thanks



  • 9.  RE: Authentication via Secure Channel

    EMPLOYEE
    Posted Oct 25, 2017 08:52 AM
    This is not something we've tested. Your mileage may vary.