Filter
Top Products
Campus Wireless Networks Validated Reference Design Version 3.3 | Design Guide A Proof-of-Concept Network | 17
Users will associate to the Access Point and authenticate with the RADIUS server that already exists in
the network. Employee users will use the Employee SSID, while guests will use the Guest SSID. Voice
and data devices will associate to the Application SSID, and will be given a role based on the network
services they are capable of accessing.
Each user and device has a specific role and associated policy enforced by the stateful firewall in the
Mobility Controller. The Employee user now has full access to all resources within the network and the
internet. Guest users are only permitted to access the Internet using specific protocols such as HTTP
and HTTPS. Application devices are only able to access related application servers; for example, a
phone running SIP can only access the SIP server to make calls.
This simple network describes the overlay functionality of an Aruba network, and shows how network
control and policy enforcement is built into the fabric of the system. Users are only able to access those
resources they have permissions for, and only after they have successfully authenticated to the
network. This is the definition of an Aruba User-Centric Network.