Header Only - DO NOT REMOVE - Extreme Networks

Does NAC have the capability to identify company issued devices by the certificate installed on them and can NAC mesh with Intune?

  • 16 June 2016
  • 1 reply

We are trying to see what our options or for identifying mobile devices by the certificate installed on them. We would be using Intune to push group policy settings and a cert. Currently the NAC is setup with AD connectivity. Can a rule be built to catch devices with a company issued cert and also would we need to use a particular auth method? Could we use a captive portal or would we need to use 802.1X?

1 reply

Userlevel 7
You can define rules based on 802.1x method = if EAP-TLS and the certificate is from the right CA then access granted as "company owned device". You can also verify the username (from CN) against LDAP for additional distinguishing...