Технические ссылки для Cisco Cisco 5760 Wireless LAN Controller
3
Profiling and Policy on Cisco Unified Access CT5760 Controllers and Catalyst 3850 Switches Deployment Guide, Cisco IOS XE Software Release
Local Profiling
Figure 2
Catalyst 3850 Switch
The CAT3850 switch provides an open service platform. It has a 4-core CPU to leverage the operating
system (OS) and to host various services. The CAT3850 hardware is the next-generation switching
hardware.
system (OS) and to host various services. The CAT3850 hardware is the next-generation switching
hardware.
The CAT3850 switch has unified wired and wireless architecture. The wireless OS is based on Cisco
IOS. The UA CAT3850 switch provides uniform wired and wireless policies. The CAT3850 switch can
manage 50 APs (802.11n) and support 2000 clients per stack.
IOS. The UA CAT3850 switch provides uniform wired and wireless policies. The CAT3850 switch can
manage 50 APs (802.11n) and support 2000 clients per stack.
Local Profiling
Cisco currently offers a rich set of features such as device identification, onboarding, posture, and policy
management through ISE. However, large sets of customers do not deploy ISE but still require some of
the above mentioned features. WLC is enhanced with some of these capabilities. This document deals
with basic configuration of device profiling and policy implementation through Cisco WLC.
management through ISE. However, large sets of customers do not deploy ISE but still require some of
the above mentioned features. WLC is enhanced with some of these capabilities. This document deals
with basic configuration of device profiling and policy implementation through Cisco WLC.
Cisco WLC performs profiling of devices based on protocols such as HTTP, DHCP, and MAC OUI to
identify end devices in the network. You can configure the device-based policies and enforce per-user or
per-device policy in the network. The WLC also displays statistics that are based on per-user or
per-device end points and policies that are applicable per device.
identify end devices in the network. You can configure the device-based policies and enforce per-user or
per-device policy in the network. The WLC also displays statistics that are based on per-user or
per-device end points and policies that are applicable per device.
When used with Bring your own device (BYOD), local profiling has an impact on understanding the
different devices on the network. This also enables BYOD to be implemented on a small scale within the
WLC itself.
different devices on the network. This also enables BYOD to be implemented on a small scale within the
WLC itself.
The profiling and policy enforcement are configured as two separate components. The configuration on
the WLC is based on defined parameters specific to clients joining the network.
the WLC is based on defined parameters specific to clients joining the network.
The policy attributes, which are of interest, are:
a.
User Role—User Role defines the user type or the user group the user belongs to, for example:
student, employee and so on.
student, employee and so on.
Role is identified as a Cisco AV-pair from the AAA server and you can configure the role as per
user on the AAA server by issuing the following command:
user on the AAA server by issuing the following command: