ONEPolicy
ONEPolicy provides for the configuration of role-based profiles for securing and
provisioning network resources based upon the role the user or device plays within the
enterprise. By first defining the user or device role, network resources can be granularly
tailored to a specific user, system, service, or port-based context by configuring and
assigning rules to the policy role. A policy role can be configured for any combination of
Class of Service,
VLAN assignment, or default behavior based upon
L2, L3, and L4 packet fields. Hybrid authentication allows either policy or dynamic VLAN
assignment, or both, to be applied through
RADIUS
authorization.
Note
The software
only allows policy to be enabled if all the devices in the stack support policy. At the time
of configuration the device will provision the lowest common denominator of functionality.
If a device attempts to join the stack after policy is enabled, it must be able to support
the existing level of functionality or it will not be allowed to participate in policy. For
more detailed information about lowest common denominator, see
Policy and Lowest Common Denominator Stacking.