An administrator is concerned about the security of the control plane connection between an AOS-CX switch and an Aruba Mobility Controller (MC) when implementing user-based tunneling. How should the administrator protect this traffic?
An administrator is concerned about the security of the control plane connection between an AOS-CX switch and an Aruba Mobility Controller (MC) when implementing user-based tunneling. How should the administrator protect this traffic?
To ensure the security of the control plane connection between an AOS-CX switch and an Aruba Mobility Controller when implementing user-based tunneling, it is crucial to protect the communication from potential attacks. By using PAPI (Protocol API) with an MD5 pre-shared key, the integrity and authenticity of the messages between the switch and the controller can be verified, ensuring that the control plane communication is secure. This method helps prevent unauthorized access and misuse of licenses on the controller.
C (page 785 Study Book)
The answer is C, Page 343
Page 762 Study Guide: Important: You should always implement PAPI MD5 security to protect communications between the controller and switch, as well as protecting against malicious misuses of licenses, since each switch request consumes a license(s) on the MC. [Aruba Networks]
The correct Answer is C
Agreed, answer is C
I think it is C. Implementing ArubaOS-CX Switching Rev 20.21, page 164: "(...) However, where APs use IPSec to protect the PAPI connection between the AP and MC, AOS-CX switches do not support this protection. Instead, you can optionally implement an MD5 HMAC function to protect PAPI between the AOS-CX switches and MCs"