CLEARPASS CONVERSATION GUIDE

Similar documents
Provide One Year Free Update!

ARUBA CLEARPASS POLICY MANAGER

A. Post-Onboarding. the device wit be assigned the BYOQ-Provision firewall role in me Aruba Controller.

CLEARPASS GUEST. A ClearPass Policy Manager Application DATA SHEET KEY FEATURES THE CLEARPASS ADVANTAGES

Conquering today s bring-your-own-device challenges. A framework for successful BYOD initiatives

Enterprise Guest Access

ACCP-V6.2Q&As. Aruba Certified Clearpass Professional v6.2. Pass Aruba ACCP-V6.2 Exam with 100% Guarantee

QuickSpecs. Aruba ClearPass OnGuard Software. Overview. Product overview. Key Features

AIRPLAY AND AIRPRINT ON CAMPUS NETWORKS AN ARUBA AIRGROUP SOLUTION GUIDE

ARUBA CLEARPASS POLICY MANAGER

ClearPass Design Scenarios

ARUBA CLEARPASS NETWORK ACCESS CONTROL

BYOD: BRING YOUR OWN DEVICE.

Securing BYOD With Network Access Control, a Case Study

ClearPass and MaaS360 Integration Guide. MaaS360. Integration Guide. ClearPass. ClearPass and MaaS360 - Integration Guide 1

TECHNICAL NOTE MSM & CLEARPASS HOW TO CONFIGURE HPE MSM CONTROLLERS WITH ARUBA CLEARPASS VERSION 3, JUNE 2016

CLEARPASS EXCHANGE. Open third party integration for endpoint controls, policy and threat prevention SOLUTION OVERVIEW MAKE BETTER-INFORMED DECISIONS

Secure wired and wireless networks with smart access control

Aruba Case Study. Educause. Overview. Requirements

Deployment Guide. Best Practices for CounterACT Deployment: Guest Management

QuickSpecs. Aruba ClearPass Guest Software. Overview. Aruba ClearPass Guest Software A ClearPass Policy Manager Application.

ClearPass NAC and Posture Assessment for Campus Networks

ForeScout Extended Module for VMware AirWatch MDM

Visibility, control and response

ForeScout Extended Module for MobileIron

SOLUTION OVERVIEW THE ARUBA MOBILE FIRST ARCHITECTURE

Aruba Certified Clearpass Professional 6.5

Cisco Identity Services Engine (ISE) Mentored Install - Pilot

ForeScout Extended Module for MaaS360

TECHNICAL NOTE UWW & CLEARPASS HOW-TO: CONFIGURE UNIFIED WIRELESS WITH CLEARPASS. Version 2

Support Device Access

ForeScout CounterACT. Continuous Monitoring and Mitigation. Real-time Visibility. Network Access Control. Endpoint Compliance.

Cisco ISE Features. Cisco Identity Services Engine Administrator Guide, Release 1.4 1

802.1X: Port-Based Authentication Standard for Network Access Control (NAC)

TECHNICAL NOTE CLEARPASS PROFILING QUICK START GUIDE

ARUBA CLEARPASS NETWORK ACCESS CONTROL

ARUBA RAP-3 REMOTE ACCESS POINT High-performance wireless and wired networking for branch offices and teleworkers

Portnox CORE. On-Premise. Technology Introduction AT A GLANCE. Solution Overview

Vendor: Cisco. Exam Code: Exam Name: Implementing Cisco Secure Access Solutions. Version: Demo

ARUBA RAP-3 REMOTE ACCESS POINT

2013 InterWorks, Page 1

ENTERPRISE NETWORKS WLAN Guest Management Software

The Aruba Mobile Virtual Enterprise for Government. The Next Generation Network Access Architecture for Mobile Technology

ClearPass Ecosystem. Tomas Muliuolis HPE Aruba Baltics lead

The Device Has Left the Building

NETWORK ACCESS CONTROL OVERVIEW. CONVENIENCE. SECURITY.

NAC: LDAP Integration with ACS Configuration Example

TITLE GOES HERE RUCKUS CLOUDPATH ENROLLMENT SYSTEM. The only integrated security and policy management platform that delivers: COMPRISED OF:

Network Configuration Example

With Aruba Central, you get anywhere-anytime access to ensure that your network is up and performing efficiently.

Bring Your Own Design: Implementing BYOD Without Going Broke or Crazy. Jeanette Lee Sr. Technical Marketing Engineer Ruckus Wireless

Forescout. eyeextend for MobileIron. Configuration Guide. Version 1.9

BYOD Business year of decision!

ForeScout App for IBM QRadar

P ART 3. Configuring the Infrastructure

Support Device Access

The Context Aware Network A Holistic Approach to BYOD

Configure Guest Access

Access and Policy License Double Click

Forescout. eyeextend for IBM MaaS360. Configuration Guide. Version 1.9

Access Guardian and BYOD in AOS Release 8.1.1

GUIDE. MetaDefender Kiosk Deployment Guide

The Aruba S3500 Mobility Access Switch

Network Access Control

ARUBA 360 SECURE FABRIC

Adaptacyjny dostęp do aplikacji wszędzie i z każdego urządzenia

Guest Access User Interface Reference

Cisco Network Admission Control (NAC) Solution

USP Network Authentication System & MobileIron. Good for mobile security solutions

ISE Version 1.3 Self Registered Guest Portal Configuration Example

Question: 1 The NAC Agent uses which port and protocol to send discovery packets to an ISE Policy Service Node?

VMware Horizon FLEX 1.5 WHITE PAPER

ForeScout Extended Module for ArcSight

Forescout. eyeextend for VMware AirWatch. Configuration Guide. Version 1.9

BEST PRACTICE - NAC AUF ARUBA SWITCHES. Rollenbasierte Konzepte mit Aruba OS Switches in Verbindung mit ClearPass Vorstellung Mobile First Features

PRODUCT GUIDE Wireless Intrusion Prevention Systems

Secure IT consumeration (BYOD), users will like you How to make secure access for smart mobile devices

Introducing. Secure Access. for the Next Generation. Bram De Blander Sales Engineer

2012 Cisco and/or its affiliates. All rights reserved. 1

Integrating Meraki Networks with

A Mobile Security Checklist: The Top Ten Threats to Your Enterprise Today. White Paper

Amigopod. Implementing Multiple Visitor Account Creation Forms

HPE Aruba Focus Areas

Xerox and Cisco Identity Services Engine (ISE) White Paper

ClearPass QuickConnect 2.0

Cisco ISE Features Cisco ISE Features

Forescout. Configuration Guide. Version 4.4

EM L01 Introduction to Mobile

Configuring Client Posture Policies

ForeScout Extended Module for Carbon Black

Creates a Feature-Rich, Enterprise-Grade Wireless LAN

ARUBA CLEARPASS POLICY MANAGER

ARUBA RAP-3 REMOTE ACCESS POINT

NNTF12_51 SIMPLY CONNECTED IN ACTION : AN OVERVIEW OF DIFFERENT USE-CASES. Tim McCarthy

Purchase Intentions Spring 2013 EMEA

Sponsor Documentation

Outnumbered, but not outsmarted A 2-step solution to protect IoT and mobile devices

HPE Aruba. Course Training Year 2017 By IT Green

Bring Your Own Device. Peter Silva Technical Marketing Manager

Securing Enterprise or User Brought mobile devices

Transcription:

CLEARPASS CONVERSATION GUIDE Purpose: Goal: How to use: This document is designed to help you steer customer discussions with respect to the ClearPass solution. It will be useful as an initial conversation starter or after positioning Aruba/ MOVE to begin discussing ClearPass. By following this guide, you will step through a series of solution based qualifying questions to arrive at the specific ClearPass features in which to focus on. Start on page 2 by posing the high level questions shown in the dark blue text boxes. If the customer responds positively, proceed to the second level questions shown in the gray arrows attached to each blue text box. Once you have posed those questions, proceed to the appropriate flow chart: BYOD (page 3) AAA (page 5) NAC (page 6) Guest (page 7) On page 4, you will also notice a chart entitled BYOD. Use this when a customer states that they do not have a BYOD initiative. On the final page is a chart with key features, benefits, and sizing tips for each of the products.

Do you have a BYOD initiative? Go to BYOD chart How do users authenticate for network access? Go to AAA chart Are you looking to deploy NAC or replace an old NAC system? Go to NAC chart Do guests/visitors require network access? Go to Guest chart

BYOD What is your decision criteria for device access? Known (identified or Company owned) vs. Unknown (Unidentified or Personally owned) 1. Position CPPM + profiling for device based, differentiated access or CPPM with basic MAC authentication. 2. Position CPPM+Onboard for benefits listed below Access will be granted by device type (laptops have full access while tablets are restricted) Position CPPM + Onboard for automated device configuration/provisioning and detailed device information for policy. Describe the different types/classes of users & devices in your environment. (For user handling, refer to AAA chart) Is network security a driver for your BYOD initiative? Position Aruba's strengths as an enterprise wide, policy based security platform Device specific security options are important, especially password, remote wipe, jailbroken devices Onboard + CPPM provides device revocation & ios password options. Today, we do not have other MDM functions. Is your IT staff spending too much time configuring endpoint devices? Present the benefits of Onboard with respect to automating the user workflow and configuring the device Position CPPM and Onboard for automated device configuration/provisioning.

NO BYOD Security concerns will dictate the need for deploying a policy based approach. Go to BYOD and AAA charts. Do you have security concerns? What are they? Do you allow personally owned devices on your network? Are you authenticating users? If YES, go to AAA chart. If NO, pitch QuickConnect for auto configuration if using.1x. Denying access IS a policy. Describe how ClearPass can help today and in the future when a BYOD project is initiated.

AAA CIsco ACS or Juniper Steel Belted RADIUS (SBR) State that ACS 4.X and SBR are End of Life (EOL). Pitch benefits of CPPM and ACS trade-in program. What AAA solution are you currently using? Microsoft or Free RADIUS Posiiton platform not optimized for today's network security demands. Pitch benefits of CPPM. Do you have a AAA/RADIUS solution in place today? Do you authenticate your users today? Using Active Directory Pitch CPPM as full AAA/policy solution for extra security and policy flexibility to support differentiated access. Pitch CPPM as full AAA/policy solution for extra security and policy flexibility to support differentiated access. A RADIUS server is a required component in an 802.1X enabled network. Pitch CPPM as full AAA/policy solution for extra security and policy flexibility to support differentiated access. Are you planning to deploy 802.1X? Position CPPM and captive portal for web based user authentication.

NAC Printers and other devices that do not support 802.1X or have users associated with them. (Goal to prevent MAC spoofing.) Position CPPM + profiling for device based, differentiated access or CPPM with basic MAC authentication. Known (identified or Company owned) Describe the different types/classes of devices in your environment. Do you define NAC as device based access control? Are you attempting to secure all wired ports? Unknown Position CPPM + profiling to auto discover all devices on the network and provide visibility BYOD Go to BYOD conversation Position CPPM + OnGuard for health checks via permanent or dissolvable agents. Do you wish to perform health or posture checks on devices? What types of devices (Windows, Linux, Mac) and what type of checks do you wish to support? Highlight our support for the embedded Microsoft NAP agent for Windows platforms.

GUEST Self registration Position ClearPass Guest fully automated guest registration and delivery of credentials via SMS, email, or print Mostly day visitors that require internet access Sponsor based registration Position ClearPass Guest secure, sponsored based approval workflow to ensure authorized, trackable access What are your guest access management requirements? Longer term visitors (temporary workers or contractors) that are connected to a department or project Position CPPM with local user accounts (or AD) and differentiated access based on identity and project Large events with many people requiring internet access Do you require customization of the captive portal? Position ClearPass Guest and the customization service Position ClearPass Guest and highlight the capability to import bulk visitor accounts and provide credentials pre-registration.

Product Key Features Benefit Sizing Onboard Automatic configuration of endpoint for 802.1X and other parameters Automatic provisioning of unique credentials and device registration Reduction of IT effort to manually configure devices Complete visibility of devices and associated users. Secure mgmt of device if lost/stolen. Total number of endpoint devices that will connect to portals Flexible, policy based system to satisfy multiple use case scenarios Reduced cost - Single platform to manage all network based policy Total number of authenticating devices Policy Manager Increased visibility and correlation of user, device, authentication data Reduce IT time and effort to view collection of data points to solve issues faster + Automatic detection of all devices on the network Reduce IT effort - Visibility to all network connected devices Total number of devices connected to the network profiling Detection and categorization of unmanageable devices Increase security - Prevent MAC spoofing and wired port hijacking Device categorization and population of CPPM database Enable BYOD by creating device based policies OnGuard Health/posture checking of laptop and desktop devices Compliance based checking of devices for unacceptable applications or behavior Reduce chances of virus and malware based attacks Reduce risk and network usage associated with unsecure or problematic applications Total number of devices being health checked (Windows, Linux and Macintosh only) Guest Automated workflow for enabling guest access Reduction of IT staff (sponsors) time and effort to manually provision guests Total number of guests per day Custom look-and-feel for different guest or sponsor portals Improved user experience www.arubanetworks.com 1344 Crossman Avenue. Sunnyvale, CA 94089 1-866-55-ARUBA Tel. +1 408.227.4500 Fax. +1 408.227.4550 info@arubanetworks.com 2012 Aruba Networks, Inc. Aruba Networks trademarks include AirWave, Aruba Networks, Aruba Wireless Networks, the registered Aruba the Mobile Edge Company logo, Aruba Mobility Management System, Mobile Edge Architecture, People Move. Network Must Follow, RFProtect, and Green Island. All rights reserved. All other trademarks are the property of their respective owners. Guide_ClearPassConversation_06XX12

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback