Hello. I am an architect with an Aruba business partner who is just getting started with Clearpass. Done quite a bit of reading and will be taking Clearpass Essentials soon. I think I have a basic handle on what Clearpass does.
But what I'd like to understand in a little more detail is how Clearpass Profiling and Policy Management is typically used with some examples (please forgive me if this is not the right place to be asking such a question).
So correct me if I am wrong, but my sense is that one can use Clearpass to very effectively detect the type of device, OS, etc that is attempting network access (e.g. Samsung Smartphone with Android 6.0, Dell xxx laptop with Windows 10, etc) and that one can then decide whether to grant access based on the device type and OS.
But are there other more granular characteristics that are detected that can be used to profile and decide whether access should be granted? How about things like userid? Are there roles and can access be granted by roles or groups? Can access be granted but limited in certain ways by device or by role? For example, could a rule be created whereby only executives (defined by role) who have BYOD Samsung Galaxy S5 devices are granted network access?
Can anyone provide me with some good examples of how these capabilities are actually used?
Many thanks in advance.
Larry