Except for dot1x are the client assignment today to based on the physical port in the access switch.
If we could move that assignment to the network outlet instead and combined it with a service description where we store more information regarding the client's connection request then could we do the following tasks easily.
- replace a access switch for another type of switch as the switch name and port name are not part of any service, port names and switch names are extracted from the inventory.
- do reviews on the port assignments with feedback loop to the subscriber
- classification of clients on more than only mac-address OUI
In the picture are there three types of connections to the network, where the direct line is how we do it today and the extra orange box how it could be if we created a service definition layer.
- Client that gets a vlan based on it's MAC-address an the port it's connected to. Assigned via Radius.
- Client that gets a vlan or template based only on the port it's connected to. Assigned via NMS
- Client that gets a vlan based on the profile of the device.
Our network inventory could be a perfect place to store that type of service description. That would mean that NAV for example should talk to the inventory and put the service template on the outlet instead of the switch. The radius admin also need to create calls to the inventory.