cancel
Showing results for 
Search instead for 
Did you mean: 

Assign a device to Policy Manager

Assign a device to Policy Manager

Safaa
New Contributor
Hello everybody,

I'm working on the deploiment of NAC, the probleme is when I want to assign a device to a domain it shows that it's unsuported which means that appliying a policy to juniper switch and Summit X440 is unsuported.
For the Extreme witch I should just make an upgrade because the current version that I have is 15.2.

So what about Juniper switch? how can I make it supported boy Plicy Manager ?


Thank you,
1 ACCEPTED SOLUTION

ar1
Contributor
Hi,
I'm not sure but was "Policy Management" not a special feature of Enterasys?

I guess it will only support by Enterasys and newer Extreme Switches (like X440G2 od X460X2 and S/K/B/C/D/G-Series).

I think, that other devices like Juniper/Cisco/HP etc. will not support the Extreme Policies.

Regards,
Axel

View solution in original post

3 REPLIES 3

Zdeněk_Pala
Extreme Employee
In addition to Tomasz:

Policy rules can be translated to downloadable ACLs for Cisco an HPE and to some cloud providers. No Juniper as today.

Regards

Z.
Regards Zdeněk Pala

Tomasz
Valued Contributor II
Hello Safaa,

Extreme Policy is a feature based on Enterasys portfolio capability. Only newer devices (X440-G2, X450-G2, X460-G2, X465, X590, X620, X670-G2, X690, X870, but also X770 which is a 'first generation model') support Extreme Policy. And ex-Enterasys devices of course, both switches and wireless (ExtremeWireless, formerly IdentiFi).
If you wanted to get policy feature on Juniper or other third party, it would have to support such feature first. However, there is no straightworward option for out-of-the-box translation of a policy domain to 3rd party devices.
What you can do, is to check the RADIUS attributes that Juniper can take during user/device authentication and authorization, like VLAN (RFC3580) but maybe other things as well (1st gen EXOS devices were based on issuing scripts - called with RADIUS attribute by their names - to reconfigure port on which a user got authenticated at the moment; Cisco Catalysts support dynamic ACL to apply on a port, etc.). These things can be ordered from Extreme Access Control that handles the authentication being an AAA server from the switches' perspective.

Hope that helps,
Tomasz

ar1
Contributor
Hi,
I'm not sure but was "Policy Management" not a special feature of Enterasys?

I guess it will only support by Enterasys and newer Extreme Switches (like X440G2 od X460X2 and S/K/B/C/D/G-Series).

I think, that other devices like Juniper/Cisco/HP etc. will not support the Extreme Policies.

Regards,
Axel
GTM-P2G8KFN