User's Manual
90 | Onboard Dell Networking W-ClearPass Guest 6.4 | User Guide
The components shown in Figure 12 are:
1. Users bring different kinds of client device with them. Onboard supports “smart devices” that use the iOS or
Android operating systems, such as smartphones and personal tablets. Onboard also supports the most
common versions of Windows and Mac OS X operating systems found on desktop computers, laptops and
netbooks.
2. The Onboard workflow is used to provision the user’s device securely and with a minimum of user
interaction. The provisioning method used depends on the type of device.
a. Newer versions of Mac OS X (10.7 and later) and iOS devices use the “over-the-air” provisioning method.
b. Other supported platforms use the “Onboard provisioning” method.
3. After it is provisioned, a client device uses a secure authentication method based on 802.1X and the
capabilities best supported by the device.
a. The unique device credentials issued during provisioning are in the form of an EAP-TLS client certificate
for iOS devices and OS X (10.7+) devices.
b. Other supported devices are also issued a client certificate, but will use the PEAP-MSCHAPv2
authentication method with a unique username and strong password.
4. Administrators can manage all Onboard devices using the certificate issued to that device.
Network Architecture for Onboard when Using W-ClearPass Guest
W-ClearPass Guest supports the provisioning, authentication, and management aspects of the complete
Onboard solution. Figure 13 shows the high-level network architecture for the Onboard solution when using
ClearPass Guest as the provisioning and authentication server.
Figure 13 W-ClearPass Onboard Network Architecture when Using W-ClearPass Guest