Cisco Cisco 5508 Wireless Controller Referencia técnica
2
Wireless Device Profiling and Policy Classification Engine on WLC
Scope, Objectives, and Expectations
Scope, Objectives, and Expectations
Profiling and policy enforcement allows profiling of mobile devices and basic onboarding of the profiled
devices to a specific VLAN assigns ACL and QOS, or configures session timeout. It can be configured
as two separate components. The configuration on the WLC is based on defined parameters specific to
clients joining the network. The policy attributes which are of interest are:
devices to a specific VLAN assigns ACL and QOS, or configures session timeout. It can be configured
as two separate components. The configuration on the WLC is based on defined parameters specific to
clients joining the network. The policy attributes which are of interest are:
a.
Role – Defines the user type or the user group the user belongs to, for example, student or
employee.
employee.
b.
Device – Defines the type of device, for example, Windows machine, Smart phone, Apple
device such as iPad, iPhone and so on.
device such as iPad, iPhone and so on.
c.
Location – Defines where the end point is connected on the network. Location represents AP
group. APs can be divided or grouped according to the location and policy can be applied per
AP group.
group. APs can be divided or grouped according to the location and policy can be applied per
AP group.
d.
Time of day – Allows configuration to be defined at what time of the day end-points are allowed
on the network.
on the network.
e.
EAP Type - Checks what EAP method the client is getting connected to.
The above parameters are configurable as policy match attributes. Once WLC has a match corresponding
to the above parameters per end-point, policy enforcement comes into picture. Policy enforcement
allows basic device on-boarding of mobile devices based on session attributes such as:
to the above parameters per end-point, policy enforcement comes into picture. Policy enforcement
allows basic device on-boarding of mobile devices based on session attributes such as:
a.
VLAN Assignment
b.
ACL
c.
Session Timeout
d.
QoS