Security

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).

CPPM : Can 802.1x be used to perform SSO / SAML against upstream devices

  • 1.  CPPM : Can 802.1x be used to perform SSO / SAML against upstream devices

    Posted Mar 04, 2014 06:53 PM

    Hi All,

    Just a wild theoretical question, so excuse me if the concept is way off!

    Looking at the capabilities of ClearPass as it stands, you can use web logins to manage SAML / SSL against other applications such as Google Apps and proxy servers.

    Is there any way that an 802.1x protected network (using ClearPass) could perform the same role, such that an onboarded 802.1x device could have ClearPass push the 802.1x credentials up to the SAML / SSO platform and authenticate the user in the same way?

    Just looking for a way to provide a secure SSO experience.

    Scott



  • 2.  RE: CPPM : Can 802.1x be used to perform SSO / SAML against upstream devices

    EMPLOYEE
    Posted Mar 05, 2014 12:16 AM
    There will be some things coming in the future and I will post more when we get closer to the releases.


  • 3.  RE: CPPM : Can 802.1x be used to perform SSO / SAML against upstream devices

    Posted Mar 06, 2014 10:22 PM

    ooh stumbled upon some secret roadmap :-) looking forward to finding out!



  • 4.  RE: CPPM : Can 802.1x be used to perform SSO / SAML against upstream devices

    Posted Jun 02, 2016 08:01 AM

    Is there any update on this? Specifically, has there been support added for Google Apps for Education?



  • 5.  RE: CPPM : Can 802.1x be used to perform SSO / SAML against upstream devices

    EMPLOYEE
    Posted Jun 02, 2016 08:51 AM
    What specifically are you looking to do? Please create a new thread. 


  • 6.  RE: CPPM : Can 802.1x be used to perform SSO / SAML against upstream devices

    Posted Feb 15, 2019 11:59 AM

    We are an educational institution. Currently all of our 802.1X BYOD connections authenticate against Active Directory. We also check attributes of OpenLDAP to verify if the user can gain access. We would like to just authenticate against OpenLDAP, but it does not support EAP.

    We can do CAS and SAML. What I was hoping to do is use the native EAP found on devices to connect and run it through a ClearPass service to connect to OpenLDAP with a SAML service.

    Any ideas?



  • 7.  RE: CPPM : Can 802.1x be used to perform SSO / SAML against upstream devices

    EMPLOYEE
    Posted Feb 15, 2019 12:03 PM
    You would use SAML or OIDC as a pre-auth for Onboard and then use your OpenLDAP for real-time authorization.


  • 8.  RE: CPPM : Can 802.1x be used to perform SSO / SAML against upstream devices

    Posted Feb 15, 2019 12:35 PM

    We don't onboard devices. 

    If the user has a valid account in one of two ADs that are here and the attribute is set to active in LDAP then they are allowed to connect.