Abstract

iMaster NCE-Campus is Huawei’s next-generation autonomous driving network management and control system for campus networks, Huawei campus switches are ideal for building future-proof campus networks with simplified management, high reliability, and service intelligence, across industries such as enterprises, governments, education, finance, and manufacturing. Legacy networks may already have a Network Access Control (NAC) system implemented and, thus, it is important to demonstrate interoperability with such existing systems.

Tolly engineers verified the interoperability of the Huawei Cloud Campus solution with Aruba ClearPass 6.10 across a wide range of function types and interconnection methods with Huawei networking interconnections. Independent interconnections were tested via Huawei switches. Interconnection via Huawei iMaster NCE-Campus was tested for VXLAN, Cloud switches scenarios.

The test suite covered the following areas: access authentication, device management and access control, Extensible Authentication Protocol (EAP) authentication, authorization, Change of Authorization (CoA) and profiling.

Access authentication tests included 802.1X, MAC and escape scenarios. Device management and access control verified TACACS+ command and privilege level authorization. EAP tests included EAP-PEAP, EAP-FAST, TLS and TTLS types. Authorization scenarios included VLAN assignments, ACLs and dynamic ACLs, committed information rates (CAR) and authorizing a user to a security group.

CoA tests included both Huawei reauthenticating and IETF terminating session functions. For profiling, the endpoint was identified using DHCP.

The Huawei Cloud Campus solution passed all the relevant test cases to interoperate with Aruba ClearPass network access control system.