Identity Management Overview
    
The identity management feature allows you to learn more about the users and devices (such as phones and routers) that connect to a switch. In this chapter, users and devices are collectively called identities. The Identity Management feature:
- Captures identity information when users and devices connect to and disconnect from the switch.
- Stores captured identity information and identity event data in a local database.
- Generates messages for user and device events.
- Makes collected identity information available for viewing by admin-level users and to management applications such as Extreme Management Center or Ridgeline through XML APIs.
- Uses locally collected identity information to query an LDAP server and collect additional information about connected identities.
- Supports custom configurations called roles, which are selected based on identity information collected locally and from an LDAP server.
- Uses roles to enable traffic filtering, counting, and metering on ports (using ACLs and policies) in response to identity events (connections, disconnections, and time-outs).
- Supports the configuration of blacklists to deny all access to an identity and whitelists to permit all access to an identity.
- Supports the configuration of a greylist, which lets the network administrator choose usernames whose identity is not required to be maintained. When these usernames are added to the greylist, the Identity Management module does not create an identity when these users log on.
- Integrates with UPM to modify the switch configuration in response to discovered identities.
- Services users under different domains by allowing different domains to be configured and then associating different LDAP servers with those domains.

Note
This chapter discusses identity management features that are managed using the switch CLI. Related features are described in other chapters and in the Extreme Management Center and Ridgeline product documentation. For a description of identity management that ties all the related components together, see the application note titled Deploying an Identity Aware Network, which is available from the Extreme Networks website.