Brocade Mobility RFS Controller System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

478

Brocade Mobility RFS Controller System Reference Guide

53-1003099-01

8

Select an Advanced WIPS Policy from the drop-down menu. Define an advanced WIPS configuration
to optionally remove (terminate) unwanted device connections, and sanction (allow) or unsanaction
(disallow) specific events within the managed network.

If an existing Advanced WIPS policy does not meet the profile’s data protection requirements,
select the Create icon to create a new configuration that can be applied to the profile. An
existing policy can also be selected and edited as needed using the Edit icon.

Select OK to save the changes made within the Settings screen. Select Reset to revert to the last
saved configuration.

Setting the Certificate Revocation List (CRL) Configuration

Profile Security Configuration

A certificate revocation list (CRL) is a list of certificates that have been revoked or are no longer
valid. A certificate can be revoked if the certificate authority (CA) had improperly issued a
certificate, or if a private-key is compromised. The most common reason for revocation is the user
no longer being in sole possession of the private key.

To define a CRL configuration that can be applied to a profile:

1. Select the Configuration tab from the Web UI.

2. Select Profiles from the Configuration tab.

3. Select Manage Profiles from the Configuration > Profiles menu.

4. Select Security.

5. Select Certificate Revocation.

FIGURE 61

Security - Certificate Revocation screen

6. Select the + Add Row button to add a column within the Certificate Revocation List (CRL)

Update Interval table to quarantine certificates from use in the network.

Additionally, a certificate can be placed on hold for a defined period. If, for instance, a private
key was found and nobody had access to it, its status could be reinstated.