
Security configuration, Wireless firewall, Chapter 10 – Brocade Mobility RFS Controller System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual


Brocade Mobility RFS Controller System Reference Guide


53-1003099-01

Chapter 10: Security Configuration

When protecting wireless traffic to and from a wireless controller or service platform, the
administrator should not lose sight of the security solution in its entirety, since a chain is only as
strong as its weakest link. The Brocade Mobility 5 network provides seamless data protection and
user validation to protect and secure data at each vulnerable point in the network. Brocade wireless
devices support a Layer 2 wired/wireless firewall and Wireless Intrusion Protection System (WIPS)
capabilities at the WLAN, and are additionally strengthened with a premium multi-vendor overlay
security solution from Air Defense with 24x7 dedicated protection. This security is offered at the
most granular level, with network access control based on role, location and device categorization
available to users based on identity as well as the security posture of the client device. For more
information, see:

Wireless Firewall

Configuring IP Firewall Rules

Wireless Client Roles

Device Fingerprinting

Intrusion Prevention

Wireless Firewall

A firewall is a mechanism enforcing network access control, and is considered a first line of
defense in protecting proprietary information within the network. The means by which this is
accomplished varies, but in principle, a firewall can be thought of as a mechanism that both blocks
and permits data traffic within the network. Firewalls implement uniquely defined access control
policies, so if you don't have an idea of what kind of access to allow or deny, a firewall is of little
value, and in fact could provide a false sense of network security.

With Motorola Solutions wireless controllers and Access Points, firewalls are configured to protect
against unauthenticated logins from outside the network. This helps prevent hackers from
accessing managed wireless clients. Well-designed firewalls block traffic from outside the network,
but permit authorized users to communicate freely with destinations outside the network.

Firewalls can be implemented in both hardware and software, or a combination of both. All
messages entering or leaving the wireless controller or Access Point pass through the firewall,
which examines each message and blocks those not meeting the security criteria (rules) defined.

Firewall rules define the traffic permitted or denied within the network. Rules are processed by a
firewall-supported device from first to last. When a rule matches the network traffic a controller or
service platform is processing, the firewall uses that rule's action to determine whether traffic is
allowed or denied.
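
Because rules are processed first to last, an earlier broad rule can make a later, more specific rule unreachable. The following is an added example, not code from this guide or from the controller software: a minimal Python first-match evaluator with a check for such shadowed rules. The Rule fields, the sample addresses and the default deny for traffic that matches no rule are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

net = ipaddress.ip_network

@dataclass(frozen=True)
class Rule:
    action: str          # "allow" or "deny"
    src: str             # source network, CIDR
    dst: str             # destination network, CIDR
    proto: str = "any"   # "tcp", "udp" or "any"
    port: int = 0        # destination port, 0 means any

    def matches(self, src, dst, proto, port):
        return (ipaddress.ip_address(src) in net(self.src)
                and ipaddress.ip_address(dst) in net(self.dst)
                and self.proto in ("any", proto)
                and self.port in (0, port))

    def covers(self, other):
        """True if every packet matching `other` also matches this rule."""
        return (net(other.src).subnet_of(net(self.src))
                and net(other.dst).subnet_of(net(self.dst))
                and self.proto in ("any", other.proto)
                and self.port in (0, other.port))

def evaluate(rules, src, dst, proto, port, default="deny"):
    """Return (action, index) of the first matching rule; later rules are not consulted."""
    for i, rule in enumerate(rules):
        if rule.matches(src, dst, proto, port):
            return rule.action, i
    return default, None  # assumption: traffic matching no rule is denied

def shadowed(rules):
    """Return (later, earlier) index pairs where the later rule can never fire."""
    pairs = []
    for j, later in enumerate(rules):
        for i in range(j):
            if rules[i].covers(later):
                pairs.append((j, i))
                break
    return pairs

# Constructed sample rule sets (addresses are illustrative only).
MISORDERED = [
    Rule("allow", "10.1.0.0/16", "0.0.0.0/0"),                  # wireless clients to anywhere
    Rule("deny", "10.1.0.0/16", "192.168.50.0/24", "tcp", 22),  # SSH to management: never reached
]
CORRECTED = [MISORDERED[1], MISORDERED[0]]  # specific deny first, broad allow last
```

With the misordered set, SSH from a wireless client to the management subnet is allowed by rule 0 and shadowed() reports the deny rule as unreachable; with the corrected order the same packet is denied.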