BYOD access control

This feature allows the RADIUS server to push different register pages and assign different authorization attributes to clients on different endpoint devices.


[NOTE: ]

NOTE:

This feature supports only IMC servers to act as the RADIUS server in the current software version.


The following process illustrates the BYOD access control for a WLAN client that passes 802.1X or MAC authentication:

  1. The authenticator performs the following operations:

    1. Obtains the Option 55 attribute from DHCP packets.

    2. Delivers the Option 55 attribute to the RADIUS server.

    On an IMC server, the Option 55 attribute will be delivered to UAM.

  2. The BYOD-capable RADIUS server performs the following operations:

    1. Uses the Option 55 attribute to identify endpoint device information including endpoint type, operating system, and vendor.

    2. Sends a register page and assigns authorization attributes to the client according to the device information.