Overriding a profile’s security configuration, Overriding a profile’s general security settings – Brocade Mobility RFS Controller System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual
Page 195
Brocade Mobility RFS Controller System Reference Guide
183
53-1003099-01
5
Overriding a Profile’s Security Configuration
A profile can have its own firewall policy, wireless client role policy, WEP shared key authentication,
NAT policy and VPN policy (controllers and service platforms only) applied. If an existing firewall,
client role or NAT policy is unavailable, an administrator can be navigated from the Profiles section
of the UI to the Configuration > Security portion of the UI to create the required security policy
configuration. Once created, a policy’s configuration can have an override applied to meet the
changing data protection requirements of a device’s environment. However, in doing so the device
must now be managed separately from the profile configuration shared by other devices within the
managed network.
For more information on applying an override to an existing device profile, refer to the following
sections:
•
Overriding a Profile’s General Security Settings
•
Overriding a Profile’s Certificate Revocation List (CRL) Configuration
•
Overriding a Profile’s VPN Configuration
•
Overriding a Profile’s Auto IPSec Tunnel Configuration
•
Overriding a Profile’s NAT Configuration
•
Overriding a Profile’s Bridge NAT Configuration
Overriding a Profile’s General Security Settings
Overriding a Profile’s Security Configuration
A profile can leverage existing firewall, wireless client role and WIPS policies and apply them to the
profile’s configuration. This affords each profile a truly unique combination of data protection
policies best meeting the data protection requirements the profile supports. However, as
deployment requirements arise, an individual device may need some or all of its general security
configuration overridden from the profile’s settings.
To configure a profile’s security settings and overrides:
1. Select Devices from the Configuration tab.
The Device Configuration screen displays a list of managed devices or peer controllers, service
platforms or Access Points.
2. Select a target device (by double-clicking it) from amongst those displayed within the Device
Configuration screen.
Devices can also be selected directly from the Device Browser in the lower, left-hand, side of
the UI.
3. Select Profile Overrides from the Device menu to expand it into sub menu options.
4. Select Security to expand its sub menu options.
5. Select Settings.
NOTE
A blue override icon (to the left of a parameter) defines the parameter as having an override applied.
To remove an override go to the Basic Configuration section of the device and click the Clear
Overrides button. This removes all overrides from the device.