Security

I need to setup clearpass for BYOD for two different institution. Existing environment:

1. 7240 Aruba Controllers running 6.4.3.7 one for each institution
2. Clearpass 6.5 = cluster of 3 appliances used for both institutions
3. 802.1X authentication for wired and wireless with one SSID with AD
4. Clearpass acts as a Radius server for wired and wireless
5. Currently both institution share the network and the same ssid across the campus

Requirements for BYOD:

1. It will be a phased approach as one of the institution will migrate from institutional laptops to BYOD - first phase approximately 2,000 students. Second phase approximation 75,000more and another 2,500 in the third phase
2. Need to be able to differentiate between institutions as each institution will purchase their own enterprise licenses but onborading and onguard should be available for BYOD across the campus
3. Need onboard only laptops for BYOD and not smartdevices
4. Posture will be required 
5. Smartdevices will be allowed on the network for internet access only

Any suggestions in how to achieve the above will be appreciated.

Thank you,

Adrian 

Have you contacted your Aruba ClearPass partner? This is a pretty big undertaking and we don't have all the details of your network, AD infrastructure, licensing etc.

You would need a VAR or Professional Services to tie this all together, because you would need to align features with what you need to happen.  We can give you some general advice here, but there are quite a few details that will have to be worked out, that is is probably better for someone who knows all of the details of your network and who has done this before.  The setup you describe could be complex just for a single institution.  It is even more complex with two of them.  I would get professional services or a consultant to do the work for you.