HPE Aruba Networking ClearPass Advanced Configuration (CPAC)

Public Key Infrastructure

• Describe PKI infrastructure
• Evaluate the advantages and disadvantages of public and private PKIs
• Understand best practices for public and private certificates on ClearPass

ClearPass cluster

• The licensing module for ClearPass
• Request certificates for RADIUS and HTTPS
• Upgrade the ClearPass system
• Run and secure backups

Upgrade ClearPass cluster

• Describe ClearPass cluster upgrade procedures
• Analyze best practices on cluster updates

Cluster troubleshooting

• Revise common upgrade failures
• Assess and troubleshoot failed cluster upgrades

Enrollment over Secure Transport

• Define EST
• EST’s main components
• Configure and monitor ETS

RadSec

• Describe RadSec, its main components and characteristics
• Configure RadSec
• Troubleshoot RadSec

ClearPass access request process

• Describe the service classification and match process
• The process of an access request
• Perform services troubleshooting

Creating services and rules manually

• Describe the process of manually creating a service and its dependencies
• Manually configure new services, enforcement policies and profiles
• Explore the different parts of a service and best practices of naming convention and maintenance

Dual SSID OnBoard

• Compare single and dual SSID device onboarding
• The benefits of dual SSID onboarding
• Configure dual SSID onboarding
• Managing usercertificates

Implementing MPSK

• MPSK concept
• Configure MPSK with user self-registration
• Configure MPSK for a device group
• Troubleshooting MPSK

Wired onboarding/profiling

• Onboarding process for wired devices
• Configure services for wired devices onboard
• Troubleshoot wired authentication and profiling

Dynamic Segmentation - BYOD, employee, and guest

• Concepts of dynamic segmentation
• ClearPass functions related to dynamic segmentation
• Configure downloadable user roles to support dynamic segmentation