In Huawei’s free mobility solution based on iMaster NCE-Campus, the method used for obtaining IP-security group entries depends on whether the device acts as an authentication point, a policy enforcement point, or both. When a devicefunctions as both an authentication point and a policy enforcement point, it can directly obtain user identity information during the authentication process.
According to HCIP Datacom Campus Network documentation, when authentication occurs on a device, that device locally learns user identity attributes such as IP address, security group, and access policy. In this scenario, the device doesnot need to subscribeto IP-security group entries from iMaster NCE-Campus in order to view or use user information. iMaster NCE-Campus proactively delivers relevant policy and security group information to the device as part of centralized control and coordination.
IP-security group entrysubscriptionis required only when the policy enforcement point isnotthe authentication point. In that case, the enforcement device must subscribe to IP-security group entries or receive them from the authentication device to correctly enforce policies.
Because the device in this scenario performs both authentication and enforcement roles, user information is directly available without subscription. Therefore, the statement claiming that administrators must subscribe to IP-security group entries to view user information is incorrect.
Hence, the correct answer isFALSE, which aligns with Huawei free mobility operational principles defined in HCIP Datacom Campus Network materials.
