Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Use Case Overview

 

Juniper Networks EX Series Ethernet Switches are designed to meet the demands of today’s high-performance businesses. They enable companies to grow their networks at their own pace, minimizing large up-front investments. Based on open standards, EX Series switches provides:

  • Carrier-class reliability

  • Security risk management

  • Virtualization

  • Application control

  • Lower total cost of ownership (TCO

Also, allow businesses to scale in an economically sensible way for years to come.

Aruba ClearPass Policy Manager is a policy management platform that provides role-based and device-based network access control (NAC) for any user across any wired, wireless, and VPN infrastructure. Enterprises can deploy EX Series switches can leverage the extensive RADIUS capabilities on EX Series switches to integrate with Aruba ClearPass. This integration enables enterprises to deploy consistent security policies across their wired and wireless infrastructure.

Enterprises typically have a variety of users and endpoints, which results in multiple use cases that need to be addressed by their policy infrastructure. Depending on the type of endpoint and how it is being used, an endpoint might be authenticated by 802.1X authentication, MAC RADIUS authentication, or captive portal authentication. The policy infrastructure enables any device to be connected to any port on the access switch, and authenticates based on the type of device, the authorization level of the user, or both.

In this network configuration example, we show how to configure Juniper Networks EX Series switches and Aruba ClearPass Policy Manager to use device profiling as part of the authentication process. Device profiling enables Aruba ClearPass to determine the type of endpoint that is being authenticated (for example, whether it is an access point or a VoIP phone or a Windows computer) and then use that information to enforce access policy appropriate to the device type.