Configuring Firewall Parameters for Wireless Network Protection

To configure firewallFirewall is a network security system used for preventing unauthorized access to or from a private network. settings, complete the following steps:

1. In the Network Operations app, set the filter to a group containing at least one AP.

   The dashboard context for the group is displayed.

2. Under Manage, click Devices > Access Points.

   A list of APs is displayed in the List view.

3. Click the Config icon.

   The tabs to configure the APs are displayed.

4. Click Show Advanced.
5. Click the Security tab.

   The Security page is displayed.

6. Click the Wireless IDS/IPS accordion.
7. Under Firewall Settings, turn on the toggle switch to enable SIP, VOCERA, ALCATEL NOE, Auto Topology Rules, Restrict Corporate Access, and CISCO Skinny protocols.
8. Under Protection, in the Protection Against Wired Attacks section, enable the following options:
   • Drop Bad ARP—Drops the fake ARPAddress Resolution Protocol. ARP is used for mapping IP network address to the hardware MAC address of a device. packets.
   • Fix Malformed DHCP—Fixes the malformed DHCPDynamic Host Configuration Protocol. A network protocol that enables a server to automatically assign an IP address to an IP-enabled device from a defined range of numbers configured for a given network.  packets.
   • ARP Poison Check—Triggers an alert on ARP poisoning caused by the rogue APs.

Configuring Management Subnets

You can configure subnetsSubnet is the logical division of an IP network. to ensure that the IAP management is carried out only from these subnets. When the management subnets are configured, Telnet, SSHSecure Shell. SSH is a network protocol that provides secure access to a remote device. , and UI access is restricted to these subnets only.

To configure management subnets, complete the following steps:

1. In the Network Operations app, set the filter to a group containing at least one AP.

   The dashboard context for the group is displayed.

2. Under Manage, click Devices > Access Points.

   A list of APs is displayed in the List view.

3. Click the Config icon.

   The tabs to configure the APs are displayed.

4. Click Show Advanced.
5. Click the Security tab.

   The Security page is displayed.

6. Click the Wireless IDS/IPS accordion.
7. Click Firewall Settings.
8. Under Management Subnets pane, to add a new management subnet, complete the following steps:
   1. Enter the subnet address in Subnet.
   2. Enter the subnet mask in Mask.
   3. Click Add.
9. Click Save Settings.