HP Cloud Network Manager Software Captive portal for guest access, Understanding captive portal

Page 56

Session firewall based blacklisting

In session firewall based blacklisting, an Access Control List (ACL) rule automates blacklisting. When the ACL rule is triggered, it sends out blacklist information and the client is blacklisted.

Configuring blacklist duration

To set the blacklist duration:

1.Select Wireless Configuration > Security > BLACKLISTING.

2.Under DYNAMIC BLACKLISTING:

a.

b.

For AUTH FAILURE BLACKLIST TIME, enter the duration after which the clients that exceed the authentication failure threshold must be blacklisted.

For PEF RULE BLACKLISTED TIME, enter the duration after which the clients can be blacklisted due to an ACL rule trigger.

You can configure a maximum number of authentication failures by the clients, after which a client must be blacklisted. For more information on configuring maximum authentication failure attempts, see Configuring security settings for a WLAN SSID profile on page 27.

Captive portal for guest access

This section provides the following information:

Understanding captive portal on page 56

Configuring a WLAN SSID for guest access on page 57

Configuring internal captive portal for guest network on page 60

Configuring external captive portal for a guest network on page 61

Configuring guest logon role and access rules for guest users on page 62

Configuring captive portal roles for an SSID on page 63

Configuring walled garden access on page 64

Disabling captive portal authentication on page 65

Understanding captive portal

Cloud Network Manager supports the Captive portal authentication method. A web page is presented to guest users when they try to access the internet in hotels, conference centers or Wi-Fi hotspots. The web page also prompts the guest users to authenticate or accept the usage policy and terms. Captive portals are used at Wi-Fi hotspots and can be used to control wired access as well.

The Cloud Network Manager Captive portal solution consists of:

The captive portal web login page hosted by an internal or external server.

The RADIUS authentication or user authentication against internal database of the AP.

The SSID broadcast by the AP.

With Cloud Network Manager, administrators can create a wired or WLAN guest network based on Captive portal authentication for guests, visitors, contractors, and any non-employee users who can use the enterprise Wi-Fi network. Administrators can also create guest accounts and customize the Captive portal page with organization- specific logo, terms, and usage policy. With Captive portal authentication and guest profiles, the devices associating with the guest SSID are assigned an initial role and are assigned IP addresses. When a guest user tries to access a URL through HTTP or HTTPS, the Captive portal web page prompts the user to authenticate with a user name and password.

HP Cloud Network Manager User Guide

Wireless configuration 56

Page 55 Page 57
Image 56
Page 55 Page 57
Contents HP Cloud Network Manager User Guide Document 5998-5742, edition 1 July AcknowledgmentsContents Wireless configuration Advanced configuration tasks Captive portal for guest access Reports Maintenance About this guide Intended audienceRelated documents ConventionsSupported APs Cloud Network Manager UI About Cloud Network ManagerCloud Network Manager overview Cloud Network Manager user interface Activating your Cloud Network Manager subscriptionsActivating your HP Cloud Network Manager account User interface Search Tabs Notifications Help Data paneSearch TabsData pane NotificationsHelp Support FeedbackData pane item Description MonitoringOverview Access points AP detailsClients Remote Console System paneSection Description Data pane itemEvent log Setting notification alerts Wireless configuration Initial AP configurationWireless network profiles Importing existing configuration from APNetwork types Understanding wireless network profilesConfiguring Wlan settings Voice Guest Content Filte Disable SsidDMO Channel UtilizationConfiguring Vlan settings for a Wlan Ssid profile Can be UsedWithout Uplink MAX Clients Local ProbeManagement KEY Management Configuring security settings for a Wlan Ssid profileKEY Authenticatio RoamingTermination ServerConfiguring access rules for a Wlan Ssid profile Deleting a Wlan Ssid profile General configuration tasksEditing a Wlan Ssid profile Basic configuration tasks Modifying the AP nameConfiguring VC IP address Configuring time zoneConfiguring a preferred band Configuring an NTP serverAdditional configuration tasks Configuring VC VlanConfiguring auto join mode Configuring LED displayAdvanced configuration tasks Disabling inter-user bridgingPreventing local routing between clients Enabling dynamic CPU managementConfiguring radio profiles for an AP Configuring Arrm assigned radio profiles for an APConfiguring radio profiles manually for AP Customizing AP parametersConfiguring uplink Vlan for an AP Select Administrator assigned in 2.4 GHz and 5 GHz BandMode Description Obtaining IP addressAdvanced radio resource management Arrm overviewAP control Airtime fairness modeHP MotionAware Arrm metrics Configuring Arrm on an APMonitoring the network with Arrm SLB Mode Motion AwareCalculating MA NeighborPower CustomizeValid ChannelsConfiguring radio settings for an AP Intrusion detection systemDetecting and classifying rogue APs OS fingerprintingOff Low Medium High Detection level Detection policyProtection level Protection policy Settings fieldOff Low High Containment methods AuthenticationUnderstanding authentication methods Wireless configuration Supported authentication servers Radius server authentication with VSAExternal Radius server Internal Radius serverConfiguring an external server for authentication Configuring authentication serversAuthentication termination on AP Shared KEY Timeout Shared KEYRetype Retry CountConfiguring dynamic Radius proxy parameters Click Save ServerConfiguring 802.1X authentication for a network profile Enabling dynamic Radius proxyConfiguring MAC authentication for a network profile Configuring MAC authentication with 802.1X authenticationConfiguring WISPr authentication Blacklisting users dynamically Blacklisting clientsBlacklisting clients manually Captive portal for guest access Configuring blacklist durationUnderstanding captive portal Session firewall based blacklistingConfiguring a Wlan Ssid for guest access Types of captive portalWalled garden Select the Primary Usage as GuestContent Filtering Inactivity TimeoutMulticast Transmission Dynamic MulticastLocal Probe Request Can be Used WithoutUplink MAX Clients Threshold Configuring internal captive portal for guest network Configuring external captive portal for a guest network Select any one of the following types of authenticationExternal captive portal profiles Creating a captive portal profileURL USE HttpsCaptive Portal FailureConfiguring captive portal roles for an Ssid Rule TypeSplash TypeExternal Configuring walled garden accessInternal Dhcp configuration Disabling captive portal authenticationConfiguring Dhcp scopes Configuring local and local, L3 Dhcp scopesVlan NetworkNET Mask Excluded AddressServices Configuring an AP for Rtls supportConfiguring Dhcp server for client IP assignment Select Wireless Configuration Services RtlsBonjour support overview Configuring OpenDNS credentialsBonjour support configuration Bonjour support solution Bonjour support with Cloud Network ManagerSelect Wireless Configuration Services Bonjour Support Bonjour support featuresBonjour support services Integration with Cloud Network Manager Configuring an AP for PAN integrationIntegrating an AP with Palo Alto Networks firewall Uplink configuration Wi-Fi uplinkConfiguring a Wi-Fi uplink profile Uplink interfacesConfiguring PPPoE uplink profile Ethernet uplinkEnforcing uplinks Uplink preferences and switchingSetting an uplink priority Switching uplinks based on internet availability From PRE-EMPTION, select EnabledMobility and client management Layer-3 mobility overviewConfiguring L3-mobility Configuring L3 mobility domain Configuring enterprise domainsEnterprise domain Snmp and loggingConfiguring Snmp Configuring community string for SnmpSnmp parameters for AP Creating community strings for SNMPv1 and SNMPv2Creating community strings for SNMPv3 Configuring a syslog serverConfiguring Snmp traps Logging level Description Configuring Tftp dump serverSelect Wireless Configuration System Logging Reports Creating a reportDeleting a report Subscription keys MaintenanceFirmware Device management User managementAbbreviation Expansion TerminologyAcronyms and abbreviations Definition GlossaryTerm EAP Term DefinitionDST POE Through a wireless connection

Cloud Network Manager Software specifications

HP Cloud Network Manager is a robust software solution designed to simplify and enhance the management of network infrastructure in cloud environments. As organizations increasingly shift toward cloud computing, they require comprehensive tools to oversee complex network deployments. HP Cloud Network Manager rises to this challenge, offering a powerful suite of features aimed at optimizing performance, automating tasks, and ensuring reliable connectivity.

One of the main features of HP Cloud Network Manager is its intuitive dashboard, which provides users with real-time insights into network operations. This centralized interface allows administrators to monitor the status of various components, identify potential issues, and respond swiftly to anomalies. With advanced analytics capabilities, the software empowers users to make data-driven decisions that enhance network efficiency.

Another critical feature of this software is its automation capabilities. HP Cloud Network Manager simplifies routine network management tasks, such as configuration, provisioning, and software updates, allowing IT teams to focus on strategic initiatives rather than mundane maintenance. Automation reduces the risk of human error and accelerates deployment times, significantly increasing operational agility.

The software also supports multi-cloud environments, enabling organizations to manage their network resources across different cloud platforms seamlessly. This flexibility is essential for businesses that utilize various cloud providers and wish to maintain a unified network strategy. Coupled with its compatibility with open standards, HP Cloud Network Manager facilitates integration with existing IT ecosystems, ensuring a smooth transition to advanced cloud solutions.

Security is a top priority in today's digital landscape, and HP Cloud Network Manager includes integrated security features to protect network assets. It provides visibility into traffic patterns, helping to detect and mitigate potential threats before they become significant issues. Enhanced security protocols ensure that sensitive data remains protected during transit and at rest, aligning with compliance requirements.

Finally, HP Cloud Network Manager is built on cutting-edge technologies, including artificial intelligence and machine learning, which enable proactive network management. These technologies predict network behavior, assisting administrators in optimizing resources and anticipating potential challenges. As a result, organizations can achieve enhanced reliability and performance from their network infrastructure.

In summary, HP Cloud Network Manager is an essential tool for businesses looking to improve their cloud network management capabilities. With its powerful features, supportive technologies, and commitment to security, it stands out as a reliable solution for navigating the complexities of modern network environments.
Top Page Image Contents