Security

 View Only
last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

802.1AR

This thread has been viewed 18 times
  • 1.  802.1AR

    Posted Dec 01, 2022 05:31 AM

    We are working on a new policy for IoT devices. A new standard is 802.1AR but i can't find much detailed information.

    Is a Secure Device ID (iDevID, lDevID...) in fact a kind of (public signed) certificate - but one that never expires?

    Is there any practical use / implementation of 802.1AR in Clearpass PM known? 



    ------------------------------
    Danny Bosman
    KBC Group - Belgium
    ------------------------------


  • 2.  RE: 802.1AR

    Posted Dec 01, 2022 10:20 AM
    802.11AR seems to be part of Device Provisioning Protocol (DPP) or Wi-Fi Easy Connect (same thing).

    Here is a video from the past with a demo.

    There is a dependency on the WLAN side as well, not just ClearPass and I have not seen many client devices that support DPP/Wi-Fi Easy Connect, which may be why there (to my knowledge) is not yet a practical implementation available.

    To my understanding the Secure Device ID does not need to be publicly signed because you provision the device with like a QR code that has the information to setup the trust. And there are all kinds of things in place to verify ownership across the supply chain. These recent videos from a hardware manufacturer seem to have some more details. If others have better information, please share here.

    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------



  • 3.  RE: 802.1AR

    EMPLOYEE
    Posted Dec 04, 2023 12:08 PM

    Note that there is a new video on 802.1AR in the Secure Networking Tech Corner:

    https://community.arubanetworks.com/viewdocument/secure-device-onboarding-with-8021?CommunityKey=ad21c2d0-6517-4b6b-81fc-018a19005f5c&tab=librarydocuments