Scenario:
An architect proposes these products for a customer who wants a wireless and wired upgrade:
✑ Aruba 2930M switches at the access layer
✑ Aruba 5406R switches at the core
✑ Aruba AP-325s
✑ Aruba 7205 Mobility Controllers (MCs), deployed in a cluster
✑ Aruba Mobility Master (MM)
✑ Aruba ClearPass Cx000V
✑ Aruba AirWare
The architect also needs to propose a security plan for the solution. The customer has 900 employees and up to 30 guests a day. The customer wants to protect the internal perimeter of the network with authentication and simple access controls. The customer is most concerned about wireless security, but also wants to ensure that only trusted users connect on the wire. However, the customer also wants all wired traffic to be forwarded locally on access layer switches. The customer already has a third-party firewall that protects the data center.
The customer wants to use certificates to authenticate user devices, but is concerned about the complexity of deploying the solution. The architect should recommend a way to simplify. For the most part users connect company-issued laptops to the network. However, users can bring their own devices and connect them to the network. The customer does not know how many devices each user will connect, but expects about two or three per-user. DHCP logs indicate that the network supports a maximum of 2800 devices.
Refer to the provided scenario.
Which solution should the architect recommend on the 2930M switches to authenticate and control wired employee devices?