Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

some doubts on IAP vs Mobility controller

This thread has been viewed 0 times

  • 1.  some doubts on IAP vs Mobility controller

    Posted Feb 11, 2015 07:31 AM

    Hi guys,

    Comparing IAP with A Mobility Controller are these needs cover on both ?

     

     

     

    1. roaming between different ssid's - iamgine that we have two  floors , 2 ssid and the same  user.  Can he jump from one to another without re authenticate?

     

    2. Is it possible to limit the power of certain AP's ( to for ex 50mw)? In IAP or only with Mobility Controller

     

    3 . IAP permits to have captive portal configuration? Or only with a controller

     

    4. APP RF is available in both IAP and controller 700 series ( OS rls 6.4.0.2-4.1) correct?

     

    Thanks for the help

     

    Regards



  • 2.  RE: some doubts on IAP vs Mobility controller

    EMPLOYEE
    Posted Feb 11, 2015 08:31 AM
    Yes to all of those questions. 


  • 3.  RE: some doubts on IAP vs Mobility controller

    Posted Feb 11, 2015 09:26 AM
    However a side note. For IAPs the newer IAP-11x, 20x, 21x, 22x, RAP-10x, and RAP-155 support the DPI piece for full control of AppRF.


  • 4.  RE: some doubts on IAP vs Mobility controller

    Posted Feb 11, 2015 09:27 AM
    And the 103.


  • 5.  RE: some doubts on IAP vs Mobility controller

    Posted Feb 11, 2015 10:49 AM

    Hi ,

     

    Thanks for the help.

     

    is there any document that stats the differences between IAP´s and Mobility Controllers?

     

    Is it possible to IAP to have a DNS server internal?

     

    All data between AP´s and mobility controllers is encrypted (GRE) . In IAP is the same? Is there any data passed in clear mode?

     

     



  • 6.  RE: some doubts on IAP vs Mobility controller

    EMPLOYEE
    Posted Feb 11, 2015 10:55 AM
    The GRE tunnel is NOT encrypted although the traffic that passes over the
    GRE MAY be encrypted based on the wireless encryption.



    In Instant, most traffic is bridged out the local AP. Things like
    authentications, guest traffic, and traffic destined for a VPN tunnel are
    sent through the virtual controller.


  • 7.  RE: some doubts on IAP vs Mobility controller

    Posted Feb 11, 2015 04:19 PM
    Hi.

    I am asking because we need to certify that no data passes in clear?
    Assuming your words, i get a little confused.
    Since encription is related to wireless encription, is ok to tought that data passes clear between iap and ap or controller and ap's ?

    Regards


  • 8.  RE: some doubts on IAP vs Mobility controller

    EMPLOYEE
    Posted Feb 11, 2015 05:27 PM

    If your requirement is that no data passes in the clear, I would most certainly use a mobility controller as the encryption happens between the wlan client and the controller...vs the IAP where the encryption happens at the IAPs



  • 9.  RE: some doubts on IAP vs Mobility controller

    Posted Feb 15, 2015 08:04 AM

    of your original questions then certainly IAP does all four things. but the buildin captive portal is very limited in configuration options and the accounts don't have an expire function. doesn't have to be an issue, but might be.