Personal AirGroup

AirGroup supports Personal AirGroup in AOS-10. This feature allows restriction of device visibility to owner-devices only. When a user restricts the server visibility of personal devices, all devices other than the listed servers and the devices that authenticate with administrator usernames are visible to the clients that authenticate with the same username.

Device visibility is as follows:

  • Personal—servers owned and managed by individual users, and are accessible to their owners, friends, colleagues, and so on (as per the configuration policy).
  • Public—servers owned and managed by the organization and IT, and are accessible to enterprise users (as per the configuration policy).
  • Sharing of devices will be supported in a later release.

When the MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. address of a device is used as a username, such a device is not learned if:

  • It is a personal device - Such a device must have a username to make it discoverable.

  • It is a public device - The MAC address must be added to the servers list to make it visible to all users.

Wired servers cannot be personal devices.

For personal device visibility to reflect name change in a named MPSK Multi Pre-Shared Key. The Cloud Authentication and Policy server enables MPSK in a WLAN network in Aruba Central, to provide seamless wireless network connection to the end-users and client devices., disable and re-enable the MPSK.

For more information about enabling Personal AirGroup, see Enabling Personal AirGroup.

Personal Devices

  • Any device that has a username is treated as a personal device by default. HPE Aruba Networking Central will push a username policy to the one-hop neighbor APs, restricting the server visibility to the owner only.
  • Users falling under the same username bucket as personal devices will be able to discover the servers within the vicinity of its one-hop neighbors. Users outside the username bucket cannot discover the servers.
  • For any personal device, the username policy will supersede the global policy, if any.

For more information about setting the visibility type of a personal device to Public, see Setting the Visibility of a Personal Device to Public.

Sharing of Personal Devices

The Personal AirGroup functionality also enables device owners to share their devices with other users on the network, through the CloudGuest UI. For more information, see Sharing a Device on CloudGuest.

Public Devices

  • Any device without a username or a device that has a username identified as a public username (this username will be a part of the Username(s) associated with public server list) is treated as a public device.
  • For any device that is identified as a public device, no username policy is pushed. Instead, if a global policy is present for the server, HPE Aruba Networking Central will push the Global policy to the corresponding APs, which will be visible to all the users in the shared location.

For more information about setting the visibility type of a public device to Personal, see Setting the Visibility of a Public Device to Personal.

Limitations

The limitations of Personal AirGroup are as follows:

  • Device owners can discover their respective servers only within the one-hop vicinity.
  • Wired untrusted devices with usernames are treated as public devices.
  • Sharing of a personal device with other users is not available, and will be supported in a later release.
  • Changing the name of a named MPSK requires a connection-refresh to put the users or servers back to the correct user bucket.
  • The usernames of servers with a MAC-authentication, are displayed as their MAC-address, and their visibility is set as Public.
  • An MPSK that uses CPPM as the authentication server is not supported.
  • Manually adding devices (personal devices without a username association) is not supported.
  • AirPrint server visibility can be seen from anywhere by the user but is restricted to the one-hop vicinity only, for shared users.
  • Even If a server remains offline, it may be listed in the My Devices page.
  • It is recommended to disable Personal Area Network (PAN) when AirGroup is enabled.