Configuring Roles for Employee, Guest and Application Users

The Aruba system is unique; it combines user-based security as a part of the WLAN model. When a user is authenticated, using one of the methods discussed in the previous section, a role is applied to the user that is enforced via the firewall and the defined policies for that user.

Employee Role

Users who are company employees can be granted a role based on their specific job function, or simply be given a universal ‘employee role’. Additional granularity can be applied, such as permitting a user in engineering to access the engineering subnets but not the finance or accounting servers.

In smaller organizations, users will most likely be placed in a single user subnet that has access to all internal and external resources.

Data center

Master

Internet

File

Web

PBX RADIUS

Employee

VLAN

Employee

 

Guest

SSID

Application

SSID

 

SSID

 

Campus Wireless Networks Validated Reference Design Version 3.3 Design Guide

Mobility Controller Configuration 45

Page 45
Image 45
Aruba Networks Version 3.3 manual Configuring Roles for Employee, Guest and Application Users, Employee Role