Open as PDF
About SODA Endpoint Security 545
If the security checks fail, the WX switch can deny the client access to
the network, or grant the client limited access based on a configured
When the client closes the Virtual Desktop, the WX switch can
optionally disconnect the client from the network.
on WX Switches
This section describes how the SODA functionality is configured to work
with a WX switch, and the procedure that takes place when a user
attempts to connect to an SSID where the SODA functionality is enabled.
Note that in the current release, the SODA functionality works only in
conjunction with the Web Portal WebAAA feature.
SODA functionality on a WX switch is configured as follows:
1 Using SODA Manager, a network administrator creates a SODA agent
based on the security needs of the network.
2 The network administrator exports the SODA agent files from SODA
Manager, and saves them as a .zip file.
3 The SODA agent .zip file is uploaded to the WX switch using TFTP.
4 The SODA agent files are installed on the WX switch using a CLI
command that extracts the files from the .zip file and places them into a
5 SODA functionality is enabled for an SSID that also has Web Portal
Once configured, SODA functionality works as follows:
1 A user connects to a MAP managed by a service profile where SODA
functionality is enabled.
2 Since the Web Portal WebAAA feature is enabled for the SSID, a portal
session is started for the user, and the user is placed in the VLAN
associated with the web-portal-ssid or web-portal-wired user.
3 The user opens a browser window and is redirected to a login page,
where he or she enters a username and password.
4 The user is redirected to a page called index.html, which exists in the
SODA agent directory on the WX switch.
5 The redirection to the index.html page causes the SODA agent files to be
downloaded to the user’s computer.