This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Assign a device to Policy Manager

Assign a device to Policy Manager

Go to solution
Safaa
New Contributor

‎05-23-2019 09:44 AM

Hello everybody,

I'm working on the deploiment of NAC, the probleme is when I want to assign a device to a domain it shows that it's unsuported which means that appliying a policy to juniper switch and Summit X440 is unsuported.
For the Extreme witch I should just make an upgrade because the current version that I have is 15.2.

So what about Juniper switch? how can I make it supported boy Plicy Manager ?


Thank you,
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
ar1
Contributor

‎05-23-2019 10:11 AM

Hi,
I'm not sure but was "Policy Management" not a special feature of Enterasys?

I guess it will only support by Enterasys and newer Extreme Switches (like X440G2 od X460X2 and S/K/B/C/D/G-Series).

I think, that other devices like Juniper/Cisco/HP etc. will not support the Extreme Policies.

Regards,
Axel

View solution in original post

0 Kudos
3 REPLIES 3

Go to solution
Zdeněk_Pala
Extreme Employee

‎05-24-2019 06:17 AM

In addition to Tomasz:

Policy rules can be translated to downloadable ACLs for Cisco an HPE and to some cloud providers. No Juniper as today.

Regards

Z.
Regards Zdeněk Pala
0 Kudos

Go to solution
Tomasz
Valued Contributor II

‎05-23-2019 12:02 PM

Hello Safaa,

Extreme Policy is a feature based on Enterasys portfolio capability. Only newer devices (X440-G2, X450-G2, X460-G2, X465, X590, X620, X670-G2, X690, X870, but also X770 which is a 'first generation model') support Extreme Policy. And ex-Enterasys devices of course, both switches and wireless (ExtremeWireless, formerly IdentiFi).
If you wanted to get policy feature on Juniper or other third party, it would have to support such feature first. However, there is no straightworward option for out-of-the-box translation of a policy domain to 3rd party devices.
What you can do, is to check the RADIUS attributes that Juniper can take during user/device authentication and authorization, like VLAN (RFC3580) but maybe other things as well (1st gen EXOS devices were based on issuing scripts - called with RADIUS attribute by their names - to reconfigure port on which a user got authenticated at the moment; Cisco Catalysts support dynamic ACL to apply on a port, etc.). These things can be ordered from Extreme Access Control that handles the authentication being an AAA server from the switches' perspective.

Hope that helps,
Tomasz
0 Kudos

Go to solution
ar1
Contributor

‎05-23-2019 10:11 AM

Hi,
I'm not sure but was "Policy Management" not a special feature of Enterasys?

I guess it will only support by Enterasys and newer Extreme Switches (like X440G2 od X460X2 and S/K/B/C/D/G-Series).

I think, that other devices like Juniper/Cisco/HP etc. will not support the Extreme Policies.

Regards,
Axel
0 Kudos
GTM-P2G8KFN