Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

What is the better method for 802.1x authentication

This thread has been viewed 1 times

  • 1.  What is the better method for 802.1x authentication

    Posted Feb 05, 2019 05:47 AM

    Hi,

    What is the suggested method to deploy 802.1x authentication and OnGuard in a wired environment? i.e. Enable 802.1x settings through group policy and deploy Onguard agent or deploy Quickconnect with health checks. Is the Quickconnect valid solution for Windows environment.

     

    Please suggest.

     

    Thanks,

    Yugandhar.



  • 2.  RE: What is the better method for 802.1x authentication

    EMPLOYEE
    Posted Feb 05, 2019 06:11 AM

    Quickconnect is for byod non-domain devices:  https://www.arubanetworks.com/assets/ds/DS_ClearPass_QuickConnect.pdf

     

    In a domain environment, you should be deploying 802.1x through group policy.



  • 3.  RE: What is the better method for 802.1x authentication

    Posted Feb 05, 2019 06:19 AM

    Hi,

    I have one more question on this. 

     

    Here the problem is that we do not have segmentation between Floor side endpoints and Datacenter machines in the active directory. If we push the settings through Group policy it may apply on Datacenter Machines also.

     

    Can we enable dot1x settings (not authentication) on datacenter machines (Server & Virtual machines) but not on Datacenter switches.

     

    Thanks,

    Yugandhar.



  • 4.  RE: What is the better method for 802.1x authentication

    EMPLOYEE
    Posted Feb 05, 2019 06:24 AM

    That is a Windows question.  In a normal environment having datacenter devices in a different group policy than user workstation devices is a best practice and should be used.