beautypg.com

Psk / none, Captive portal – Brocade Mobility Access Point System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

Page 412

background image

402

Brocade Mobility Access Point System Reference Guide

53-1003100-01

6

Authentication, Authorization, and Accounting (AAA) is a framework for intelligently controlling
access to the wireless client managed network, enforcing user authorization policies and auditing
and tracking usage. These combined processes are central for securing wireless client resources
and wireless network data flows. For information on defining a new AAA policy, see AAA Policy on
page 7-500.

9. Select the Reauthentication radio button to force MAC supported clients to reauthenticate. Use

the spinner control set the number of minutes (from 30 - 86,400) that, once exceeded, forces
the EAP supported client to reauthenticate.

10. Select OK when completed to update the WLAN’s MAC configuration. Select Reset to revert the

screen back to the last saved configuration.

MAC Authentication Deployment Considerations

MAC Authentication

Before defining a MAC authentication configuration on a WLAN, refer to the following deployment
guidelines to ensure the configuration is optimally effective:

MAC authentication can only be used to identify end-user devices, not the users themselves.

MAC authentication is somewhat poor as a standalone data protection technique, as MAC
addresses can be easily spoofed by hackers who can provision a MAC address on their device
to mimic a trusted device.

PSK / None

Configuring WLAN Security

Open-system authentication can be referred to as no authentication, since no actual
authentication and user credential validation takes place. When selecting PSK/None, a client
requests (and is granted) authentication with no credential exchange.

NOTE

Although None implies no authentication, this option is also used when
pre-shared keys are used for encryption (thus the /PSK in the description).

Captive Portal

Configuring WLAN Security

A captive portal is guest access policy that provides temporary and restrictive access to the
wireless network. The primary means of securing such guest access is the use of a captive portal.
For an overview of the captive portal process and information on how to define a captive portal
policy that can be applied to a WLAN, see Configuring Captive Portal Policies on page 9-569.

To assign a captive portal policy to a WLAN:

1. Select the Configuration tab from the Web UI.

2. Select Wireless.

3. Select Wireless LANs to display a high level display of existing WLANs.

4. Select the Add button to create an additional WLAN or select an existing WLAN and Edit to

modify the properties of an existing WLAN.

5. Select Security.

See also other documents in the category Brocade Computer Accessories: