Security

Reply
Occasional Contributor II
Posts: 11
Registered: ‎03-29-2017

Pulse Policy Secure --> ClearPass Policy Manager Migration, EAP-T(T)LS + Username / Password

[ Edited ]

So, we are in the process of migrating our existing Pulse Policy Secure NAC / NAP 802.1X solution (used for both wired and wireless clients) to ClearPass Policy Manager, and I'm not quite sure if there's a straight forward migration path.

 

Right now, we're using EAP-TTLS as 'outer' authentication protocol, and EAP-JUAC, a proprietary Juniper / Pulse Secure authentication protocol, as 'inner' authentication protocol. A client application, Pulse Secure Client, performs the compliance and client certificate checks. Also, Pulse Secure Clients acts as a Windows credential provider plugin.

 

We have the requirement that our clients perform BOTH machine authentication using a pre-deployed certificate and user authentication (active directory credentials), which works just fine using the setup mentioned above.

 

I went through the airheads community and found some similar posts (like http://community.arubanetworks.com/t5/Security/How-to-Machine-AND-User-Authentication-in-Windows-with-Clearpass/td-p/208471 ), but not exactly what I'm looking for.

 

Anyways, is there a way to perform both client cert checks and user credentials checks with Aruba ClearPass? Can OnGuard be used as Windows credential provider?

 

Thanks,

Thomas

Search Airheads
Showing results for 
Search instead for 
Did you mean: