Aaa Framework; Figure 3 Interactions Involved In Guest Access - Aruba Networks PowerConnect W Clearpass 100 Software Deployment Manual

Figure 3 Interactions involved in guest access

The Amigopod Visitor Management Appliance is part of your network's core infrastructure and manages
guest access to the network.
NAS devices, such as wireless access points and wired switches on the edge of the network, use the
RADIUS protocol to ask the Amigopod Visitor Management Appliance to authenticate the username and
password provided by a guest logging in to the network. If authentication is successful, the guest is then
authorized to access the network.
Authorized access uses the concept of roles. Each visitor is assigned a role, which consists of a group of
RADIUS attributes. These attributes are used to control every aspect of the guest's network session,
effectively defining a security policy that controls what the guest is permitted to do on the network. Vendor-
specific attributes may be used to configure the finer details of the NAS security policy.
The network usage of authorized guests is monitored by the NAS and reported in summary form to the
Amigopod Visitor Management Appliance using RADIUS accounting, which allows administrators to
generate network usage reports.

AAA Framework

The Amigopod Visitor Management Appliance is built on the industry standard AAA framework, which
consists of authentication, authorization and accounting components.
The following figure shows how the different components of this framework are employed in a guest access
scenario. See Figure 4.
Amigopod 3.7 | Deployment Guide Management Overview | 23