New Contributor

ClearPass Policy Manager roles/role mapping verses ArubaOS user roles

Hi, I have a green fields ClearPass Policy Manager install and an existing Aruba WLAN that needs better security all round. ClearPass will be introducing 802.1X/EAPTLS/RADIUS and the existing ArubaOS needs better user role definition around employee types that have different VLAN separation and firewall policies.

Reading through the manuals its "seems" like I have two choices with creating roles as both policy manager and controller which leads me to the questions:

1. Which is best to use?

2. Can I use both together for wireless access?- for example combine:

         a.  AD wireless group/department group member using Policy Manager along with

         b. A role in controller




Re: ClearPass Policy Manager roles/role mapping verses ArubaOS user roles

Roles created on the CPPM are communicated to the Controller for policy implementation.   So you need the same roles in both places...


The roles on the CPPM are a result of authentication workflows and rule-sets,  and the roles reside on the controller to actually-carry-out the seperation and security aspects (be they policies, or yes VLANs too) -after- CPPM roles have been derived for each user/device/user-device combination.



Search Airheads
Showing results for 
Search instead for 
Did you mean: