Specifications
About SODA Endpoint Security
RoamAbout Mobility System Software Configuration Guide 20-3
5. SODAfunctionalityisenabledforanSSIDthatalsohasWebPortalWebAAAconfigured.
Onceconfigured,SODAfunctionalityworksasfollows:
1. AuserconnectstoanAPmanagedbyaserviceprofilewhereSODAfunctionalityisenabled.
2. SincetheWebPortalWebAAAfeatureisenabledfortheSSID,aportalsessionis
startedfor
theuser,andtheuserisplacedintheVLANassociated withtheweb‐portal‐ssidorweb‐
portal‐wireduser.
3. Theuseropensabrowserwindowandisredirectedtoaloginpage,whereheorsheentersa
usernameandpassword.
4. Theuserisredirectedtoapage
calledindex.html,whichexistsintheSODA agentdirectoryon
theRoamAboutSwitch.
5. Theredirectiontotheindex.htmlpagecausestheSODAagentfilestobedownloadedtothe
user’scomputer.
6. OncetheSODAagentfileshavebeendownloaded,oneofthefollowingcantakeplace:
a. IftheRoamAboutSwitchis
configuredtoenforcetheSODAagentsecuritychecks(the
default),thentheSODAagentchecksarerunontheuser’scomputer.Iftheuser’s
computerpassesthechecks,thenacustomizablesuccesspageisloadedinthebrowser
window.TheuseristhenmovedfromtheportalVLANtohisor
herconfiguredVLAN
andgrantedaccesstothenetwork.
b. IftheRoamAboutSwitchisconfigurednottoenforcetheSODAagentsecuri tychecks,
thentheuserismovedfromtheportalVLANtohisorherconfiguredVLANandgranted
accesstothenetwork,withoutwaitingfortheSODAagentchecks
tobecompleted.
c. Iftheuser’scomputerfailsoneoftheSODAagentchecks,thenacustomizablefailurepage
isloadedinthebrowserwindow.Theuseristhendisconnectedfromthenetwork,orcan
optionallybegrantedlimitednetworkaccess,basedonaspecifiedsecurityACL.
7. Atthecompletionof
hisorhersession,theusercanclosetheSODAVirtualDesktoporpoint
toanadvertisedlogoutURL.Eitheroftheseactionscauseacustomizablelogoutpagetobe
loadedinthebrowserwindow.Accessingthelogoutpagecausestheusertobedisconnected
fromthenetwork.