Wired Intelligent Edge

last person joined: 10 hours ago 

Bring performance and reliability to your network with the HPE Aruba Networking Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of your switching devices, and find ways to improve security across your network to bring together a mobile-first solution
Back to discussions
Expand all | Collapse all

Automatic VLAN/ACL/QoS policies deployment

This thread has been viewed 6 times

  • 1.  Automatic VLAN/ACL/QoS policies deployment

    Posted May 02, 2019 12:37 PM

    Hi guys,

     

    I have a network made of 2930F and 2930M switches at the edge.

    We need to implement VLAN/ACL/QoS policies in an automatic way and by user profiles.

    I think that this can be done implementing a CPPM and Colorless ports.

    Do I also need to deploy a Mobility Controller? ... I have budget restrictions for this deployment.

    Any suggestion will be appreciated.

    Regards



  • 2.  RE: Automatic VLAN/ACL/QoS policies deployment

    EMPLOYEE
    Posted May 02, 2019 12:42 PM

    User roles would be the appropriate way to deploy this.

     

    You don't necessarily need a controller, only if you want to tunnel the traffic to the controller and segment the traffic via the firewall and utilize the controller applications..  You can locally switch the users using user roles. 

     

    If you have existing Aruba Wireless infrastructure, you can by all means utilize that and tunnel appropriate wired users to those controllers as well.



  • 3.  RE: Automatic VLAN/ACL/QoS policies deployment

    Posted May 02, 2019 01:04 PM
    Please keep in mind that switches has limited TCAM space. You can use acl’s in the user roles in the switches but not unlimited. Also acl’s are stateless.


  • 4.  RE: Automatic VLAN/ACL/QoS policies deployment

    MVP GURU
    Posted May 03, 2019 01:08 PM
    @N3tw0rk3r wrote:

    Hi guys,

     

    I have a network made of 2930F and 2930M switches at the edge.

    We need to implement VLAN/ACL/QoS policies in an automatic way and by user profiles.

    I think that this can be done implementing a CPPM and Colorless ports.

    Do I also need to deploy a Mobility Controller? ... I have budget restrictions for this deployment.

    Any suggestion will be appreciated.

    Regards

    You don't need a MM (it is only if need UBT)

     

    but with User Role, you can have Vlan/ACL/QoS