Security

Reply
Occasional Contributor I
Posts: 5
Registered: ‎12-09-2011

Which ClearPass Modules do I need for BYOD and Guestaccess ?

Hi, 

 

I am looking for a solution to provide BYOD access and Guest access.

- BYOD access should work via Certificates (e.g. EAP-TLS), company employees should do that via registration e.g. webauth with MS-AD credentials. After that the BYOD should get a certificate with the CN of the company-AD-username and an EAP-TLS konfiguration for authentication to the ClearPass authentication server.

 

- Guest access should work via web-authentication, a ticket should be given via a sponsor, who generates the guest-ticket. After that the Guestuser can connect to the wireless network and gets an http-redirekt to the guest authentication portal.

 

- I don't need any device fingerprinting, because BYOD and Guest will be on the same SSID and will get the same access to the internet.

 

What Clearpass systems are needed for that ?

 

I thought following:

ClearPassPolicy Manager (Base System)

- ClearPassOnboard for BYOD Access (SW-Module in PolicyManager)

- ClearPassGuest for GuestAccess (SW-Module in PolicyManager)

 

Best Regards

Alois

 

Guru Elite
Posts: 20,566
Registered: ‎03-29-2007

Re: Which ClearPass Modules do I need for BYOD and Guestaccess ?


aheilmaier wrote:

Hi, 

 

I am looking for a solution to provide BYOD access and Guest access.

- BYOD access should work via Certificates (e.g. EAP-TLS), company employees should do that via registration e.g. webauth with MS-AD credentials. After that the BYOD should get a certificate with the CN of the company-AD-username and an EAP-TLS konfiguration for authentication to the ClearPass authentication server.

 

- Guest access should work via web-authentication, a ticket should be given via a sponsor, who generates the guest-ticket. After that the Guestuser can connect to the wireless network and gets an http-redirekt to the guest authentication portal.

 

- I don't need any device fingerprinting, because BYOD and Guest will be on the same SSID and will get the same access to the internet.

 

What Clearpass systems are needed for that ?

 

I thought following:

ClearPassPolicy Manager (Base System)

- ClearPassOnboard for BYOD Access (SW-Module in PolicyManager)

- ClearPassGuest for GuestAccess (SW-Module in PolicyManager)

 

Best Regards

Alois

 


You are correct about the requirements.  ClearPassOnboard is a SW-Module in the ClearPass Guest Server, though.  ClearPass Guest is also a Software Module in the ClearPass Guest Server.

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: