Aruba Instant 6.5.0.0-4.3.0.0 | User Guide
Services |
282
Chapter 23
Services
This chapter provides information on how to configure the following services on an IAP:
l
Configuring AirGroup on page 282
l
Configuring an IAP for RTLS Support on page 291
l
Configuring an IAP for Analytics and Location Engine Support on page 292
l
Managing BLE Beacons on page 293
l
Configuring OpenDNS Credentials on page 294
l
Integrating an IAP with Palo Alto Networks Firewall on page 295
l
Integrating an IAP with an XML API Interface on page 297
l
CALEA Integration and Lawful Intercept Compliance on page 299
Configuring AirGroup
AirGroup provides a unique enterprise-class capability that leverages zero configuration networking to enable
AirGroup services from mobile devices efficiently. Zero configuration networking enables service discovery,
address assignment, and name resolution for desktop computers, mobile devices, and network services. It is
designed for flat, single-subnet IP networks such as wireless networking at home. The users can register their
personal devices and define a group of users who can share the registered devices. Administrators can register
and manage an organization's shared devices such as printers and grant global access to each device, or restrict
access according to the username, role, or user location.
In large universities and enterprise networks, it is common for devices to connect to the network across VLANs.
As a result, user devices on a specific VLAN cannot discover a service that resides on another VLAN. As the
addresses used by the protocol are link-scope multicast addresses, each query or advertisement can only be
forwarded on its respective VLAN, but not across different VLANs. Broadcast and multicast traffic are usually
filtered out from a wireless LAN network to preserve the airtime and battery life. This inhibits the performance
of AirGroup services that rely on multicast traffic. Aruba addresses this challenge with AirGroup technology.
The distributed AirGroup architecture allows each IAP to handle multicast DNS (mDNS) and Digital Living
Network Alliance (DLNA) queries and responses individually instead of overloading a VC with these tasks. This
results in a scalable AirGroup solution.
The AirGroup solution supports both wired and wireless devices. An AirGroup device can be registered by an
administrator or a guest user.
1. The AirGroup administrator gives an end user the AirGroup operator role, which authorizes the user to
register the client devices on the ClearPass Policy Manager platform.
2. IAPs maintain information for all AirGroup services. IAP queries ClearPass Policy Manager to map each
device’s access privileges to the available services and responds to the query made by a device based on
contextual data such as user role, username, and location.