Security

Reply
Frequent Contributor I
Posts: 218
Registered: ‎09-14-2011

Best way to diferentiate between Corporate and Personal Smart Phones?

So how do you guys do it? Best way to diferentiate between Corporate and Personal Smart Phones using Clearpass with Active Directory?

 

aaannndddd..... GO!!!

Scott McNeil - IT Specialist, Global Process Automation
Network+ | CWNA | ACSP | ACMP | ACMA | BREC
Guru Elite
Posts: 7,821
Registered: ‎09-08-2010

Re: Best way to diferentiate between Corporate and Personal Smart Phones?

Are you using an MDM for either classification of devices?

Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
Frequent Contributor I
Posts: 218
Registered: ‎09-14-2011

Re: Best way to diferentiate between Corporate and Personal Smart Phones?

Hiya Cappi! Negative, the client does not have an MDM as there are approximately 80 or so Android phones.

 

So was wondering about other alternatives, possibly with AD/LDAP  queries?

Scott McNeil - IT Specialist, Global Process Automation
Network+ | CWNA | ACSP | ACMP | ACMA | BREC
Guru Elite
Posts: 7,821
Registered: ‎09-08-2010

Re: Best way to diferentiate between Corporate and Personal Smart Phones?

If you're not using an MDM, you'd have to leverage SHLs or Guest Device
Repository with MAC address to identify them. Just keep in mind, MAC address
can be spoofed, so you'll want to use the profile conflict detection
mechanisms with this.



One other alternative is to issue certificates to the corporate devices via
Onboard or an external CA.

Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
Frequent Contributor I
Posts: 218
Registered: ‎09-14-2011

Re: Best way to diferentiate between Corporate and Personal Smart Phones?

SHLs?

 

 

Scott McNeil - IT Specialist, Global Process Automation
Network+ | CWNA | ACSP | ACMP | ACMA | BREC
Guru Elite
Posts: 19,945
Registered: ‎03-29-2007

Re: Best way to diferentiate between Corporate and Personal Smart Phones?

Static host lists in ClearPass or a list of corporate mac addresses.

Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Validated Reference Design Guides : http://community.arubanetworks.com/t5/Validated-Reference-Design/tkb-p/Aruba-VRDs
Frequent Contributor I
Posts: 218
Registered: ‎09-14-2011

Re: Best way to diferentiate between Corporate and Personal Smart Phones?

There are waaaaaaay too many acronyms in our line of work :-)

 

But yeah, I think that is the direction we are going to go. Thanks for the assistance gang!

Scott McNeil - IT Specialist, Global Process Automation
Network+ | CWNA | ACSP | ACMP | ACMA | BREC
Search Airheads
Showing results for 
Search instead for 
Did you mean: