Hi community,I would like to know on which cases the cppm considers a client device as a [machine authenticated] role? please, your kindly support.Customer needs to use 802.1x PEAP (with radius certificate signed by AD CS and a CA root from AD CS). user authentication will be against AD as a authentication source of CPPM with one generic corporative group from their accounts. So enterprise endpoints should be tested having the following two basic conditions:*first rule: authenticated by user and machine , so CPPM enforcement policy should assign a corporative role*second rule: authenticated only by [user authenticated] ,so CPPM enforcement policy should assign a restrict rolealso, customer is asking, what happens if one corporate client device (joined to domain) doesn't have a root CA certificate on device and wants to connect to the corporate network. could it be authorized only based on authentication (second rule)?please your kindly support and opinion. i attached what i was thinking based on other recommendations
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.