Wireless Access

I am in the process of putting together an Application SSID.  I have an SSID for students and teachers with school system based equipment.  I am in discussions with management about the BYOD/Guest design.  In the mean time I need to get the school based equipment provisioned on to the network.  We use Airwatch for IOS/Apple products, Google Console for chrome books, and AD for the windows devices. 

The challenge is that we need to get these devices enrolled into the different servers.  Once enrolled the devices are allowed onto the production network with your AD credentials .  The Airwatch and AD services are on premise.  The Google console is not.  What is best practice here?  How do I set up rules to say that if you are IOS/Apple you are redirected to this server , if you are a chrome book you are redirected to this service, and for Window devices what services do I allow for enrolling them into AD?

You didn't say what type of authentication/encryption you are using...

We are using 4 ClearPass servers 100k.  802.1x WPA2 entreprise using the MDM (google console and Airwatch) and AD as repostory for machine auth backed by AD.  That is the production network.

You should probably engage a consultant or Value Added Reseller to tell you what specific options are available to you.  There are quite a few possibilities with the equipment you have.