Overview Mist Access Assurance allows you to integrate natively into JAMF Pro Endpoint Management platform for the purposes of checking managed endpoint compliance state. JAMF managed devices (macbooks, iOS or iPadOs mobile devices) are evaluated by JAMF for compliancy using Smart Computer Groups for macbooks and Smart Device Groups for iPads and iOS devices (presence...
We've moved! Check out the new Juniper Mist Documentation
- Getting Started
- Wireless
- Wired Switching
- WAN Edge
- Mist Access Assurance
- Location Based Services
- Premium Analytics
- Security and Cloud Administration
- MSP
- Automation
- Product Updates
- Marvis
- Security Alerts
- FAQ
Configuration
Overview When clients are using any form of EAP authentication, authentication is always mutual, i.e. both the client need to trust or authenticate the server they are talking to, as well as the server needs to authenticate the client. First step of that mutual authentication is for the client to validate or trust a Server...
Currently TEAP is only supported on Windows 10 and above. As of time of this writing WiFi/Wired profile with TEAP can only be configured manually or via scripts, which can be distributed via MDM/GPO. Current MDM solutions do not provide out-of-the box support for TEAP configuration. Navigate to Control Panel > Network and Sharing...
This article covers requirements and installation instructions of a Mist Edge VM for the purposes of Mist Auth Proxy functionality. The following are the minimum hardware requirements for a Mist Edge VM for Mist Auth Proxy feature. Supported Hypervisor: VMware ESXi, tested versions – 6.7.0 and 7.0. Sizing for a Production is as below: CPU:...
Overview Mist Access Assurance provides a capability to integrate with eduroam NROs (National Roaming Operators) using Mist Edge acting as a RADIUS proxy. Mist Edge would act as a gateway to eduroam RADIUS servers with a static public IP or NAT IP assigned such that it can be registered as a RADIUS client in the...
Overview Mist Access Assurance allows you to integrate our authentication service natively into Okta directory using OAuth. How can you leverage OKTA as Identity Provider in combination with Mist Access Assurance? User authentication via EAP-TTLS Authenticate User by doing delegated authentication checking username and password via OAuth Obtain user group memberships to leverage them in...
Passwords vs Certificates – TL;DR Understand your use-cases. Select the right authentication method (802.1X or MPSK) that has the right balance between security vs client and user capabilities. Certificates are always recommended especially as a long-term solution, current onboarding mechanisms provide good way to control cert provisioning at scale for all your client population. Use...