AOS Release 6.4.6.R01 Release Notes November 2013
Bring Your Own Device (BYOD)
The Alcatel-Lucent OmniSwitch implementation of BYOD leverages the Aruba ClearPass Policy Manager
(CPPM) and Access Guardian features on the OmniSwitch. It allows guest acces or onboarding of both
wired or wireless devices such as employee, guest, employee owned or silent devices through an
OmniSwitch edge device with ClearPass as a RADIUS server or RADIUS proxy. This feature supports the
following functionalities:
• Unified access policy management solution for Wireline and Wireless networks using CPPM
• Integration with Access Guardian UNPs and 802.1x authentication
• Restricts access to the network and validation for end user devices including employees with IT
supplied devices, IP phones, employees personal devices, guest devices, access points, cameras,
and silent devices such as printers.
• CPPM can act as a RADIUS server for new deployments or RADIUS proxy for existing networks.
Self-service/self-registration by Employees when they connect to the Enterprise network using
their personal device through CPPM.
• Captive portal hosted on CPPM for this feature.
• Device Profiling and Posture Check. Registration and tracking of devices associated with
Employees and approved for usage.
• Redirection and restricted access for non-compliant devices.
• Zero-touch Auto-configuration of employee personal devices based on pre-defined role-based
Configuration profiles.
• Differentiated access & user experience policies based on Corporate or Employee Personal device,
Applications and Role.
• Integration with RADIUS Server and CPPM for Authentication, Authorization and Accounting.
• Automatic provisioning of Applications such as NAC Agent, MDM Client as part of the device
enrollment process on Employee Personal Devices.
• Automatic provisioning of Device Certificates that are dynamically requested, issued and installed
on the Employee Personal Device with association to Employee corporate Credentials
• Provides notification of BYOD policy violations, usage statistics, time and cost information to the
end-user in real-time.
• RADIUS Change of Authorization (CoA)
o A mechanism to change AAA attributes of a session after authentication
o New Profile sent as an attribute in the message
o Disconnect Message to terminate user session and discard all user context
o Port bounce capability can be configured on the OmniSwitch to ensure a clean re-
authentication process for non-supplicant devices.
o URL redirect and port location information
In addition to BYOD section in OmniSwitch user guides additional configuration examples can be
viewed on the Alcatel-Lucent Enterprise Demo channel:
http://www.youtube.com/playlist?list=PLrzAZN530GJ8kfUJCNsjIhJW6cAV5AACb
OmniSwitch 6850E/6855/9000E------ Release 6.4.6.R01 Page 17 of 80
To Next Page
Loading...
