Figure 14 Sequence Diagram For The Onboard Workflow On Android Platform - Aruba Networks PowerConnect W Clearpass 100 Software Deployment Manual

Figure 14 Sequence Diagram for the Onboard Workflow on Android Platform

1. When a BYOD device first joins the network it does not have a set of unique device credentials. This will
trigger the captive portal for that device, which brings the user to the mobile device provisioning page.
2. The Onboard portal is displayed. The user's device type is detected, and a link is displayed depending on
the device type:
a. For Android devices, the link is to a file containing the Onboard configuration settings; downloading
this file will launch the QuickConnect app on the device.
b. For Windows and Mac, the link is to a executable file appropriate for that operating system that
includes both the QuickConnect app and the Onboard configuration settings.
3. The QuickConnect app uses the Onboard provisioning workflow to authenticate the user and provision
their device with the Onboard server. The device is configured with appropriate network settings and
credentials that are unique to the device.
4. After provisioning has completed, the app switches the device to PEAP authentication using the newly
provisioned unique device credentials. Mutual authentication is performed (the authentication server
verifies the client's username and password, and the client verifies the authentication server's
certificate).
5. The device is now onboard and is able to securely access the network.
The Onboard provisioning workflow is used to securely provision a device and configure it with network
settings.
ClearPass Guest 3.9 | Deployment Guide
Figure 15 on page 64 shows a sequence diagram that explains the steps involved in this workflow.
Onboard | 63