Security

Who Me Too'd this topic

Guru Elite

ClearPass Solution Guide: Wired Policy Enforcement

Team Aruba,

 

We’re happy to announce an update to the ClearPass Solution Guide for Wired Policy Enforcement. Version 2018-01 adds OnConnect for Comware 7 (added in ClearPass 6.7.1), changes for ClearPass 6.7 and some overall tweaks and updates.

 

2018-01 Release Notes:

  • Major Updates
    • [CW7] Added ClearPass OnConnect section
    • [CW7] Updated dynamic authorization references to use new H3C templates in 6.7

 

  • Minor Updates
    • [AOS-S] corrected ordering of some commands
    • [AOS-S] added addr-limit config
    • [AOS-S] added SNMP server trap source
    • [AOS-S] updated DUR section to include standard mode added in 6.7
    • [AOS-S] updated web auth service to use new page name attribute added in 6.7
    • [Cisco] Added note about LAN base image
    • [Cisco] updated web auth service to use new page name attribute added in 6.7
    • [CW7] updated web auth service to use new page name attribute added in 6.7

 

Updated Document Summary:

  • Wired enforcement options and technologies
  • ArubaOS-Switch configurations:
    • Colorless port: 802.1X, MAC Auth, Captive Portal with local and downloadable user roles
    • OnConnect
    • Per-Port Tunneled-Node (PPTN)
    • Per-User Tunneled-Node (PUTN)
  • Comware 7 configuration:
    • Colorless port: 802.1X, MAC Auth, Captive Portal
    • OnConnect
  • Cisco IOS 12.x/15.x (IBNS 1.0) configuration:
    • Colorless port: 802.1X, MAC Auth, Captive Portal
    • OnConnect

 

 

Document Link (v2017-02): ClearPass_Solution-Guide_Wired-Policy-Enforcement_v2018-01.pdf

 

Future releases to include: 

  • Cisco IOS-XE 'Denali' (16.x) with IBNS 2.0
  • Juniper EX

Enjoy

 

- Aruba Security Team


| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Who Me Too'd this topic