Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Clearpass guest deployment with a dmz controller

This thread has been viewed 4 times

  • 1.  Clearpass guest deployment with a dmz controller

    Posted Sep 27, 2016 12:31 PM

    Hello right now we got a captive portal with a dmz conroller

    We got a vlan that just exist in the controllers

    So we got multiple controllers with a vlan 999 a dmz controller also with that vlan 999.  We got tunnel GRE that connect all the controllers with the DMZ controller, and on the DMZ controller has the exit to internet.  We nat that vlan 999 through the ip of the dmz controller that has acccess to internet.

     

    Now if we want to put a clearpass that willl be just used for Guest.  Where should we put this clearpass?

    In the DMZ?  which would be the best practice?

     

    Cheers

    Carlos



  • 2.  RE: Clearpass guest deployment with a dmz controller

    Posted Sep 27, 2016 01:38 PM

    It may depend on the specifics of the site, but I have my CPG server on an inside network, so things like ldap, backups, etc. of the CPPM/CPG all stay inside.