Enterasys c1g124-24 User Manual

1.11 UPN SUPPORT
User Personalized Networks (UPN) is an architecture that allows network administrators to map 
network services to identified users, machines, peripherals and other network entities. UPN 
consists of three tiers:
Classification rules make up the first or bottom tier. The rules apply to devices in the UPN 
environment, such as switches and routers. The rules are designed to be implemented at or near 
the user’s point of entry to the network. The rules are typically at Layer 2, 3, or 4 of the OSI 
network model.
The middle tier is Services, which allows multiple classification rules to be aggregated. Services 
can include e-mail and Internet access. 
Roles, or Behavioral Profiles, make up the top tier. The roles assign services to various business 
functions or departments, such as executive, sales, and engineering. 
To implement most roles, UPN requires authentication such as 802.1x using EAP-TLS, 
EAP-TTLS, or EAP-PEAP. Authorization information, attached to the authentication response, 
determines the application of the UPN policy. One way to communicate the authorization 
information is to include the Policy Name in a RADIUS Filter-ID attribute. A UPN administrator 
can also define a role to be implemented in the absence of authentication and authorization.
Refer to the release notes shipped with the module for details.
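
Added example (not from the Enterasys manual or product code): because the Filter-ID in the authentication response selects the role, the response should be integrity-checked before the policy name is used. The sketch below verifies the RFC 2865 Response Authenticator, extracts Filter-ID, and falls back to a default role. Assumptions: the Filter-ID value is the bare policy name, and the role names, the `guest` default and the `build_accept` helper are hypothetical.

```python
import hashlib
import hmac
import struct

ACCESS_ACCEPT = 2       # RADIUS packet code (RFC 2865)
FILTER_ID = 11          # RADIUS attribute type (RFC 2865)
KNOWN_ROLES = {"executive", "sales", "engineering"}  # assumed role names
DEFAULT_ROLE = "guest"  # assumed role applied without valid authorization

def response_authenticator(code, ident, attrs, request_auth, secret):
    """MD5(Code + ID + Length + RequestAuth + Attributes + Secret), RFC 2865."""
    header = struct.pack("!BBH", code, ident, 20 + len(attrs))
    return hashlib.md5(header + request_auth + attrs + secret).digest()

def parse_attributes(attrs):
    """Yield (type, value) pairs from the type-length-value attribute area."""
    pos = 0
    while pos < len(attrs):
        a_len = attrs[pos + 1] if pos + 1 < len(attrs) else 0
        if a_len < 2 or pos + a_len > len(attrs):
            raise ValueError("bad attribute length")
        yield attrs[pos], attrs[pos + 2:pos + a_len]
        pos += a_len

def role_for_response(packet, request_auth, secret):
    """Return the role named by a verified Access-Accept, else DEFAULT_ROLE."""
    if len(packet) < 20:
        return DEFAULT_ROLE
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if code != ACCESS_ACCEPT or not 20 <= length <= len(packet):
        return DEFAULT_ROLE
    attrs = packet[20:length]
    expected = response_authenticator(code, ident, attrs, request_auth, secret)
    if not hmac.compare_digest(expected, packet[4:20]):
        return DEFAULT_ROLE  # unverified reply: do not trust its Filter-ID
    try:
        names = [v.decode("ascii") for t, v in parse_attributes(attrs) if t == FILTER_ID]
    except (ValueError, UnicodeDecodeError):
        return DEFAULT_ROLE
    # Exactly one Filter-ID naming a configured role, otherwise the default.
    return names[0] if len(names) == 1 and names[0] in KNOWN_ROLES else DEFAULT_ROLE

def build_accept(ident, request_auth, secret, policy):
    """Build a constructed Access-Accept with one Filter-ID (sample input only)."""
    attrs = bytes([FILTER_ID, 2 + len(policy)]) + policy
    auth = response_authenticator(ACCESS_ACCEPT, ident, attrs, request_auth, secret)
    return struct.pack("!BBH", ACCESS_ACCEPT, ident, 20 + len(attrs)) + auth + attrs
```
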
The rules can only be implemented on the Matrix system by the Enterasys NetSight Policy 
Manager, which is described on the web site at