Designing Access Controls

Choose RADIUS Servers

Table 3-67. RADIUS Server Locations (Centralizing Policies)

Access Control

Access Control

RADIUS Server

RADIUS Server

Credential

Credential

Component

Architecture

Devices

Location

Repository

Repository

Combination

 

 

 

 

 

 

Location

General

Multi-site fully

Software servers or

One or more at

Directory

Central site

 

centralized

NAC 800s

central site

service

 

General

Multi-site

Software servers or

One or more at

Directory

Central site

 

distributed AAA

NAC 800s

each site

service

 

 

with centralized

 

 

 

 

 

 

 

policies

 

 

 

 

 

 

Integrated server

Multi-site

AP 530s or Wireless

One or more at

Directory

Central site

 

distributed AAA

Edge Services

each site

service

 

 

with centralized

Modules

 

 

 

 

 

policies

 

 

 

 

 

 

Integrated server/

Multi-site fully

AP 530s or

One or more

Directory

Central site

proxy

centralized

 

Wireless Edge

 

integrated

service

 

 

 

 

Services

 

servers at each

 

 

 

 

 

Modules

 

site

 

 

 

 

Softwareservers

One or more

 

 

 

 

 

or NAC 800s

 

proxy servers at

 

 

 

 

 

 

 

central site

 

 

Integrated server/

Multi-site

AP 530s or

One or more at

Directory

Central site

proxy

distributed AAA

 

Wireless Edge

each site

service

 

 

with centralized

 

Services

 

 

 

 

 

policies

 

Modules

 

 

 

 

 

 

Softwareservers

 

 

 

 

 

 

 

or NAC 800s

 

 

 

 

Turnkey server

Multi-site fully

Software servers or

One or more at

Software

One (or two)

 

centralized

NAC 800s

central site

servers or NAC

servers at central

 

 

 

 

 

 

800s

site

Turnkey server

Multi-site

Software servers or

One or more at

Software

One (or two)

 

distributed AAA

NAC 800s

each site

servers or NAC

servers at central

 

with centralized

 

 

 

 

800s

site

 

policies

 

 

 

 

 

 

Integrated server/

Multi-site fully

AP 530s or

One or more

Software

One (or two)

proxy with turnkey

centralized

 

Wireless Edge

 

integrated

servers or NAC

servers at central

server

 

 

Services

 

servers at each

800s

site

 

 

 

Modules

 

site

 

 

 

 

Softwareservers

One or more

 

 

 

 

 

or NAC 800s

 

proxy servers at

 

 

 

 

 

 

 

central site

 

 

Integrated server/

Multi-site

AP 530s or

One or more at

Software

One (two) servers

proxy with turnkey

distributed AAA

 

Wireless Edge

each site

servers or NAC

at central site

server

with centralized

 

Services

 

 

800s

 

 

policies

 

Modules

 

 

 

 

 

 

Softwareservers

 

 

 

 

 

 

 

or NAC 800s

 

 

 

 

 

 

 

 

 

 

 

 

3-86

Page 202
Image 202
HP Access Control Client Software manual Radius Server Locations Centralizing Policies