Comprehensive and Detailed 200 to 250 words of Explanation From HCIP Datacom Campus Network documents knowledge without any URL or Links:
Huawei’s free mobility solution is based onsecurity group–based policy control. In this architecture, users are dynamically associated with security groups after authentication. These security group identifiers are thencarried in user trafficas metadata when packets traverse the campus network.
When traffic reaches apolicy enforcement device, such as an edge node or border node, the device does not rely on traditional attributes like IP address, MAC address, or port number to make forwarding decisions. Instead, it extracts thesource and destination security group informationembedded in the traffic and matches it against the security policy matrix configured on the controller.
This mechanism enables identity-based and location-independent access control. Even if a user moves to a different access point or changes an IP address, the same security policies continue to apply as long as the user remains in the same security group. This is the core advantage of free mobility in Huawei campus networks.
Port numbers, MAC addresses, and IP addresses are traditional Layer 2 and Layer 3 identifiers, but they do not provide sufficient context for identity-based policy enforcement. According to HCIP Datacom Campus Network documentation, security group information is the key attribute used for policy lookup and enforcement in free mobility solutions. Therefore, option A is correct.
