HP Cloud Network Manager Software manual Configuring access rules for a Wlan Ssid profile

Page 29

Data pane item

Description

 

 

within range of 1 to 99 hours and the default value is 24 hours.

 

 

 

 

MAC

To enable MAC address based authentication for Personal and Open security

 

AUTHENTICATIO

levels, set MAC AUTHENTICATION to Enabled.

 

N

For Enterprise security level, the following options are available:

 

 

PERFORM MAC AUTHENTICATION BEFORE 802.1X — Select this to use

 

 

802.1X authentication only when the MAC authentication is successful.

 

 

MAC AUTHENTICATION FAIL-THRU— On selecting this, the 802.1X

 

 

authentication is attempted when the MAC authentication fails.

 

 

 

 

DELIMITER

Specify a character (for example, colon or dash) as a delimiter for the MAC

 

CHARACTER

address string. When configured, the AP uses the delimiter in the MAC authen-

 

 

tication request. For example, if you specify the colon as a delimiter, MAC

 

 

addresses in the xx:xx:xx:xx:xx:xx format are used. If the delimiter is not specified,

 

 

the MAC address in the xxxxxxxxxxxx format is used.

 

 

This option is available only when MAC authentication is enabled.

 

 

 

 

UPPERCASE

Set to Enabled to allow the AP to use uppercase letters in MAC address string for

 

SUPPORT

MAC authentication.

 

 

This option is available only if MAC authentication is enabled.

 

 

 

 

3.Click Next to configure access rules. For more information, see Configuring access rules for a WLAN SSID profile on page 29.

Configuring access rules for a WLAN SSID profile

This section describes the procedure for configuring security settings for employee and voice network only. For information on guest network configuration, see Captive portal for guest access on page 56.

If you are creating a new SSID profile, complete the WLAN Settings and configure VLAN and security parameters, before defining access rules. For more information, see Configuring WLAN settings on page 23, Configuring VLAN settings for a WLAN SSID profile on page 26, and Configuring security settings for a WLAN SSID profile on page 27.

You can configure up to 64 access rules for an employee, voice, or guest network. To configure access rules for a guest network, see Configuring a WLAN SSID for guest access on page 57

To configure access rules for an employee or voice network:

1.In Access Rules, select any of the following types of access control:

Unrestricted — Select this to set unrestricted access to the network.

Network-based— Select Network-basedto set common rules for all users in a network. The Allow any to all destinations access rule is enabled by default. This rule allows traffic to all destinations. To define an access rule:

a.Click (+) icon.

b.Select appropriate options in the New Rule pane.

c.Click OK.

Role based — Select Role based to enable access based on user roles. For role-based access control: n Create a user role if required.

29 Wireless configuration

HP Cloud Network Manager User Guide

Image 29
Contents HP Cloud Network Manager User Guide Acknowledgments Document 5998-5742, edition 1 JulyContents Wireless configuration Advanced configuration tasks Captive portal for guest access Reports Maintenance Intended audience About this guideRelated documents ConventionsSupported APs Cloud Network Manager UI About Cloud Network ManagerCloud Network Manager overview Activating your Cloud Network Manager subscriptions Cloud Network Manager user interfaceActivating your HP Cloud Network Manager account Search Tabs Notifications Help Data pane User interfaceTabs SearchData pane NotificationsHelp Feedback SupportData pane item Description MonitoringOverview AP details Access pointsRemote Console System pane ClientsSection Description Data pane itemEvent log Setting notification alerts Initial AP configuration Wireless configurationWireless network profiles Importing existing configuration from APNetwork types Understanding wireless network profilesConfiguring Wlan settings Voice Guest Disable Ssid Content FilteDMO Channel UtilizationCan be Used Configuring Vlan settings for a Wlan Ssid profileWithout Uplink MAX Clients Local ProbeManagement KEY Management Configuring security settings for a Wlan Ssid profileKEY Roaming AuthenticatioTermination ServerConfiguring access rules for a Wlan Ssid profile Deleting a Wlan Ssid profile General configuration tasksEditing a Wlan Ssid profile Modifying the AP name Basic configuration tasksConfiguring time zone Configuring VC IP addressConfiguring a preferred band Configuring an NTP serverConfiguring VC Vlan Additional configuration tasksConfiguring auto join mode Configuring LED displayDisabling inter-user bridging Advanced configuration tasksPreventing local routing between clients Enabling dynamic CPU managementConfiguring Arrm assigned radio profiles for an AP Configuring radio profiles for an APConfiguring radio profiles manually for AP Customizing AP parametersSelect Administrator assigned in 2.4 GHz and 5 GHz Band Configuring uplink Vlan for an APMode Description Obtaining IP addressArrm overview Advanced radio resource managementAP control Airtime fairness modeHP MotionAware Arrm metrics Configuring Arrm on an APMonitoring the network with Arrm Motion Aware SLB ModeCalculating MA NeighborCustomize PowerValid ChannelsIntrusion detection system Configuring radio settings for an APOS fingerprinting Detecting and classifying rogue APsDetection level Detection policy Off Low Medium HighProtection level Protection policy Settings fieldOff Low High Containment methods AuthenticationUnderstanding authentication methods Wireless configuration Radius server authentication with VSA Supported authentication serversExternal Radius server Internal Radius serverConfiguring an external server for authentication Configuring authentication serversAuthentication termination on AP Shared KEY Shared KEY TimeoutRetype Retry CountClick Save Server Configuring dynamic Radius proxy parametersEnabling dynamic Radius proxy Configuring 802.1X authentication for a network profileConfiguring MAC authentication with 802.1X authentication Configuring MAC authentication for a network profileConfiguring WISPr authentication Blacklisting users dynamically Blacklisting clientsBlacklisting clients manually Configuring blacklist duration Captive portal for guest accessUnderstanding captive portal Session firewall based blacklistingTypes of captive portal Configuring a Wlan Ssid for guest accessWalled garden Select the Primary Usage as GuestInactivity Timeout Content FilteringMulticast Transmission Dynamic MulticastLocal Probe Request Can be Used WithoutUplink MAX Clients Threshold Configuring internal captive portal for guest network Select any one of the following types of authentication Configuring external captive portal for a guest networkExternal captive portal profiles Creating a captive portal profileUSE Https URLCaptive Portal FailureRule Type Configuring captive portal roles for an SsidSplash TypeExternal Configuring walled garden accessInternal Disabling captive portal authentication Dhcp configurationConfiguring Dhcp scopes Configuring local and local, L3 Dhcp scopesNetwork VlanNET Mask Excluded AddressConfiguring an AP for Rtls support ServicesConfiguring Dhcp server for client IP assignment Select Wireless Configuration Services RtlsBonjour support overview Configuring OpenDNS credentialsBonjour support configuration Bonjour support with Cloud Network Manager Bonjour support solutionSelect Wireless Configuration Services Bonjour Support Bonjour support featuresBonjour support services Integration with Cloud Network Manager Configuring an AP for PAN integrationIntegrating an AP with Palo Alto Networks firewall Wi-Fi uplink Uplink configurationConfiguring a Wi-Fi uplink profile Uplink interfacesEthernet uplink Configuring PPPoE uplink profileEnforcing uplinks Uplink preferences and switchingSetting an uplink priority From PRE-EMPTION, select Enabled Switching uplinks based on internet availabilityMobility and client management Layer-3 mobility overviewConfiguring L3-mobility Configuring enterprise domains Configuring L3 mobility domainEnterprise domain Snmp and loggingConfiguring community string for Snmp Configuring SnmpSnmp parameters for AP Creating community strings for SNMPv1 and SNMPv2Creating community strings for SNMPv3 Configuring a syslog serverConfiguring Snmp traps Logging level Description Configuring Tftp dump serverSelect Wireless Configuration System Logging Creating a report ReportsDeleting a report Subscription keys MaintenanceFirmware User management Device managementAbbreviation Expansion TerminologyAcronyms and abbreviations Definition GlossaryTerm EAP Term DefinitionDST POE Through a wireless connection

Cloud Network Manager Software specifications

HP Cloud Network Manager is a robust software solution designed to simplify and enhance the management of network infrastructure in cloud environments. As organizations increasingly shift toward cloud computing, they require comprehensive tools to oversee complex network deployments. HP Cloud Network Manager rises to this challenge, offering a powerful suite of features aimed at optimizing performance, automating tasks, and ensuring reliable connectivity.

One of the main features of HP Cloud Network Manager is its intuitive dashboard, which provides users with real-time insights into network operations. This centralized interface allows administrators to monitor the status of various components, identify potential issues, and respond swiftly to anomalies. With advanced analytics capabilities, the software empowers users to make data-driven decisions that enhance network efficiency.

Another critical feature of this software is its automation capabilities. HP Cloud Network Manager simplifies routine network management tasks, such as configuration, provisioning, and software updates, allowing IT teams to focus on strategic initiatives rather than mundane maintenance. Automation reduces the risk of human error and accelerates deployment times, significantly increasing operational agility.

The software also supports multi-cloud environments, enabling organizations to manage their network resources across different cloud platforms seamlessly. This flexibility is essential for businesses that utilize various cloud providers and wish to maintain a unified network strategy. Coupled with its compatibility with open standards, HP Cloud Network Manager facilitates integration with existing IT ecosystems, ensuring a smooth transition to advanced cloud solutions.

Security is a top priority in today's digital landscape, and HP Cloud Network Manager includes integrated security features to protect network assets. It provides visibility into traffic patterns, helping to detect and mitigate potential threats before they become significant issues. Enhanced security protocols ensure that sensitive data remains protected during transit and at rest, aligning with compliance requirements.

Finally, HP Cloud Network Manager is built on cutting-edge technologies, including artificial intelligence and machine learning, which enable proactive network management. These technologies predict network behavior, assisting administrators in optimizing resources and anticipating potential challenges. As a result, organizations can achieve enhanced reliability and performance from their network infrastructure.

In summary, HP Cloud Network Manager is an essential tool for businesses looking to improve their cloud network management capabilities. With its powerful features, supportive technologies, and commitment to security, it stands out as a reliable solution for navigating the complexities of modern network environments.