Professional Documents
Culture Documents
APU - Cert0101 - Apr2019-Sort by Modules
APU - Cert0101 - Apr2019-Sort by Modules
Cert0101: HPE6-A42
This guide is not to meant to replace “Implementing Aruba Wireless”
course. Students are advise to go through the IAW guide before using
this material.
1
6/11/19
Module 1
WLAN Fundamentals and RF Basics
2
6/11/19
3
6/11/19
Antenna Gain
high-gain omni-directional antenna provide more horizontal coverage and less vertical
coverage compare to a typical omni-directional antenna
MIMO
typical office environment with many surfaces where the signal can bounce increase
wireless speeds with MIMO
4
6/11/19
MU-MIMO
Unique in 802.11ac Wave 2 AP
5
6/11/19
Module 2
Mobile First Architecture
6
6/11/19
Controllers Model
determine number of supported users and firewall throughput
7010 vs 7024
7024 support more POE devices directly connected to MC
7
6/11/19
Controller Portfolio
7030 support 64 AP
Controller Portfolio
Aruba Controllers deployment is new to ArubaOS 8: virtual appliances
8
6/11/19
IAP
IAPs operate in an autonomous or standalone mode
Master-Local Mode
The company already has a partially hierarchical deployment based on the 6.x code and
wants to keep the current architecture.
9
6/11/19
Mobility Master
It manages VLAN and routing configuration for multiple Mobility Controllers (MCs).
10
6/11/19
AP Failover
Cluster of Mobility Controllers provide high availability for APs
11
6/11/19
License Pool
All licenses install in MM.
Enable License
Enable feature in the Global Usage window
12
6/11/19
Licensing
Max number of AP supported (32)
13
6/11/19
License Redundancy
MC retains its current licenses for 30 days when MM is not reachable.
Controller Matrix
AP count, User count, Firewall throughput
14
6/11/19
Module 3
Mobility Master Mobility Controller Configuration
GUI Hierarchy
15
6/11/19
Module 4
Secure WLAN Configuration
16
6/11/19
AP Group
Place APs in different buildings in different AP Groups to have different config.
Profiles
AAA profile to assign an authentication server group
17
6/11/19
WLAN Creation
No Broadcast SSID: Hidden SSID
18
6/11/19
Forwarding Mode
Decrypt-tunnel: User traffic decrypt at AP
19
6/11/19
Module 5
AP Provisioning
20
6/11/19
Radius Authentication
Mobility Controller exchanges RADIUS packets with the RADIUS server
AirMatch
With new AP run
21
6/11/19
Controller Discovery
Map the Mobility Controller (MC not MM) IP addresses to the aruba-master name on the
network DNS server.
Module 6
WLAN Security
22
6/11/19
WPA/WPA2 Negotiation
Keys are generated and distributed securely during each wireless user authentication
process.
MAC Authentication
Authorized MAC addresses are visible in plaintext in the air and can be easily spoofed
23
6/11/19
Authentication Methods
802.1X authentication occurs at Layer 2, while captive portal authentication occurs at Layer
3.
24
6/11/19
WPA2-Enterpise
Require Radius Server
25
6/11/19
26
6/11/19
EAP-TLS
unique digital certificates installed on user devices to authenticate wireless users
Machine Authentication
authenticate the Windows clients as well, based on the client Computer Names.
27
6/11/19
ClearPass
RADIUS Authentication Server
LDAP
Authenticate directly against an Active Directory (AD) domain controller without NPS or IAS
28
6/11/19
29
6/11/19
WIDS
Protect attack at Layer 2
30
6/11/19
Module 7
Firewall Roles and Policies
31
6/11/19
32
6/11/19
Firewall Rule
user any any permit rule It permits traffic from wireless clients as long as the packet has a
source IP.
33
6/11/19
Application Rule
prevent wireless users from accessing shopping web sites with a bad reputation.
34
6/11/19
Global Rule
It immediately applies to the guest role and other roles, as part of the first policy applied to
the role.
35
6/11/19
Module 8
Dynamic RF Management
36
6/11/19
AirMatch
MM generates the channel and power plan for an AP
37
6/11/19
38
6/11/19
AirMatch FAQ
Disable ARM profile does not affect AirMatch
Client Match
balance wireless devices across APs on different channels
39
6/11/19
Module 9
Guest Access
40
6/11/19
L3 Deployment
VLAN interfaces on the Mobility Controllers (MCs) as the default gateway for wireless users
41
6/11/19
42
6/11/19
43
6/11/19
Guest-logon role
allows DHCP, DNS, and internal captive portal redirection for a guest WLAN
WebUI Certificate
44
6/11/19
Guest Access
Add ClearPass as Radius Server
45
6/11/19
ClearPass Guest
Option for Guest to create own account
Module 10
Network Monitoring and Troubleshooting
46
6/11/19
Top Banner
list of alerts about a variety of issues on the MM or managed devices
Client Dashboard
Display roles to which these users are actually assigned
47
6/11/19
Client Health
50% means the AP about twice as long to send data to the client as expected if all
transmissions succeeded.
Performance Dashboard
monitor the health status of all APs, and clients
48
6/11/19
Traffic Analysis
The solution must have active PEFNG licenses.
Filter View
To see the break down for only roles, destinations, WLANs and devices that use this application
49
6/11/19
AirWave vs MM
AirWave collect and analyze information about client and AP over extended periods of time
50
6/11/19
51
6/11/19
MM Dashboard
to analyze short terms trends in network usage by client, AP, and application
52
6/11/19
AirWave
Configuration Status: Error (Communication Issues)
53
6/11/19
54
6/11/19
55