Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

control devices to be onboarded

This thread has been viewed 0 times

  • 1.  control devices to be onboarded

    Posted Mar 07, 2014 01:53 PM

    It might be a strange query but how can we control devices to be onboarded.

    I know we can do it based on os/device type , importing mac list and assigning attributes..but can we differentiate between two windows devices by any other method

    so if i dont want personal laptop to be onboarded but company laptop is required to be onboarded , how can we achieve this

     

    -harshad



  • 2.  RE: control devices to be onboarded

    Posted Mar 07, 2014 05:38 PM
    In the enforcement policy you can define a rule to only onboard only machine authenticated laptops of course this will work with devices in the domain


  • 3.  RE: control devices to be onboarded

    Posted Mar 08, 2014 09:32 AM

     

    How to achive machine authentication based enforcement..

     

    My setup is Cisco WLC -ACS based authentication and I will be moving this authentication to WLC-CPPM.

    When a new device is connected to onboard SSID how it will get machine authenticaticated - where to enable something like enforce machine authentication as we do in aruba Controller ? - The machine authentication status determination and user athentication will happen in same session ?

     

     



  • 4.  RE: control devices to be onboarded