Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

ClearPass features which require PEFNG license in controller?

This thread has been viewed 0 times

  • 1.  ClearPass features which require PEFNG license in controller?

    Posted Sep 17, 2015 01:50 PM

    Hi all,

     

    I'm planning ClearPass deployment with Aruba WLAN setup but without firewall licensenses. What features do you know what I can't do without the PEFNG?

     

    For example Guest features such as self registration, email validation etcc seem to rely on user roles. Are these possible do deploy any other way?



  • 2.  RE: ClearPass features which require PEFNG license in controller?

    EMPLOYEE
    Posted Sep 17, 2015 01:54 PM
    PEFNG is required if you want to do custom user-roles or modify user roles.


  • 3.  RE: ClearPass features which require PEFNG license in controller?

    Posted Sep 18, 2015 03:26 AM

    That's correct but that didn't really answer the question what was how this affects ClearPass deployments.

     

    Are custom roles required when doing Guest features for example?

     

     



  • 4.  RE: ClearPass features which require PEFNG license in controller?

    EMPLOYEE
    Posted Sep 18, 2015 04:35 AM

    Custom roles are not required when doing guest access but it limits your flexibility.  When guest users authenticate successfully, they will have the same open role, so you cannot restrict where they go and what they do with firewall policies.  If you need to restrict guest user traffic, this will be problematic.



  • 5.  RE: ClearPass features which require PEFNG license in controller?

    Posted Sep 18, 2015 05:03 AM

    Do you know can I do sponsor based guest access control or self registration in captive portal? 



  • 6.  RE: ClearPass features which require PEFNG license in controller?

    EMPLOYEE
    Posted Sep 18, 2015 06:08 AM

    Yes, you can.

     

     



  • 7.  RE: ClearPass features which require PEFNG license in controller?

    Posted Sep 20, 2015 05:19 AM

    Thank you so much. I'll keep doing some testing and see how it will work out.

     

    Many thanks!