A customer currently has an Instant AP deployment. Which customer requirement would indicate that the customer needs to add a controller to the deployment?
A.
the requirement to apply role-based firewall policies
B.
the requirement for a captive portal for guests
C.
the requirement to provide client-to-site VPN acces for remote users
D.
the requirement for a cloud-based management solution
A customer who has an Instant AP deployment and needs to provide client-to-site VPN access for remote users would benefit from adding a controller to the deployment. A controller can act as a VPN concentrator that terminates the VPN tunnels from the remote clients and provides secure access to the corporate network. The controller can also apply firewall policies and role-based access control to the VPN traffic. An Instant AP deployment alone cannot provide this functionality, as it only supports site-to-site VPN between Instant AP clusters12. The other options do not require a controller, as they can be achieved with an Instant AP deployment. An Instant AP deployment can apply role-based firewall policies using the built-in stateful firewall on each Instant AP3. An Instant AP deployment can also provide a captive portal for guests using the internal orexternal web server options4. An Instant AP deployment can be managed by a cloud-based solution such as Aruba Central, which does not require a controller5. References:
1: Understanding IAP-VPN Architecture - Aruba
2: Configuring IAP-VPN - Aruba
3: Firewall Roles and Policies - Aruba
4: Configuring Captive Portal - Aruba
5: Managing Instant AP from Aruba Central - Aruba
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit