Security

Reply
Regular Contributor II
Posts: 232
Registered: ‎03-14-2012

User Authentication + Machine Authentication during Onboarding

Hello All,

 

I'm deploying Onboarding for a Customer in an environment where their AD Domain Credentials are shared with Non-Staff members resulting to a very insecure environment.

 

The issue or question I have is, is there a way we can use both User and Machine Authentication for Onboarding in order to achieve a situation where even if we have a Non-Staff member coming in with his/her personal Laptop but has the AD Domain Credential of a Staff member will not be able to gain access to the Corporate Network.

 

So as long as the Laptop is not a Domain Machine, we don't want this User gain access to the Corporate Network. What can I do to achieve this?

 

 

Guru Elite
Posts: 20,415
Registered: ‎03-29-2007

Re: User Authentication + Machine Authentication during Onboarding

If these are all domain machines, I would not use onboarding. You should just authenticate the devices via 802.1x and use the built-n [MACHINE AUTHENTICATED] role in CPPM to allow or block machines.

 

Onboarding is for non-domain devices that you want to get acces to your network.

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Regular Contributor II
Posts: 232
Registered: ‎03-14-2012

Re: User Authentication + Machine Authentication during Onboarding


cjoseph wrote:

If these are all domain machines, I would not use onboarding. You should just authenticate the devices via 802.1x and use the built-n [MACHINE AUTHENTICATED] role in CPPM to allow or block machines.

 

Onboarding is for non-domain devices that you want to get acces to your network.

 


Thanks cjoseph.

 

I kind of was leaning to your statement as well but I wanted to be sure there wasn't an option via Onboarding.

Search Airheads
Showing results for 
Search instead for 
Did you mean: