beautypg.com

Profile security configuration, Defining security settings – Brocade Mobility RFS Controller System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

Page 488

background image

476

Brocade Mobility RFS Controller System Reference Guide

53-1003099-01

8

Before defining a profile’s network configuration, refer to the following deployment guidelines to
ensure the profile configuration is optimally effective:

Administrators often need to route traffic between different VLANs. Bridging VLANs are only for
non-routable traffic, like tagged VLAN frames destined to some other device which will untag it.
When a data frame is received on a port, the VLAN bridge determines the associated VLAN
based on the port of reception.

Static routes, while easy, can be overwhelming within a large or complicated network. Each
time there is a change, someone must manually make changes to reflect the new route. If a
link goes down, even if there is a second path, the router would ignore it and consider the link
down.

Static routes require extensive planning and have a high management overhead. The more
routers in a network, the more routes need that to be configured. If you have N number of
routers and a route between each router is needed, then you must configure N x N routes.
Thus, for a network with nine routers, you’ll need a minimum of 81 routes (9 x 9 = 81).

Profile Security Configuration

A profile can have its own firewall policy, wireless client role policy, WEP shared key authentication,
NAT policy and VPN policy applied. If an existing firewall, client role or NAT policy is unavailable, an
administrator can navigate from Configuration > Profiles to Configuration > Security to create the
required security policy configuration. Once created, separate policies can be applied to the profile
to best support the data protection and security requirements of the device model supported by
the profile.

For more information, refer to the following sections:

Defining Security Settings

Setting the Certificate Revocation List (CRL) Configuration

Setting the Profile’s VPN Configuration

Setting the Profile’s Auto IPSec Tunnel Configuration

Setting the Profile’s NAT Configuration

Bridge NAT Configuration

Defining Security Settings

Profile Security Configuration

A profile can leverage existing firewall, wireless client role and WIPS policies and apply them to the
profile’s configuration. This affords each profile a truly unique combination of data protection
policies best meeting the data protection requirements of the profile’s supported device model.

To define a profile’s security settings:

1. Select the Configuration tab from the Web UI.

2. Select Profiles from the Configuration tab.

3. Select Manage Profiles from the Configuration > Profiles menu.

4. Select Security.

5. Select Settings.

See also other documents in the category Brocade Computer Accessories: