Manuals / Brands / Computer Equipment / Network Router / HP / Computer Equipment / Network Router

HP Client Bridge M111 Security policies, Security, minutes, Timeout, guidelines, Follow FIPS, Login control, Lock access for, Allowed addresses:, Active interfaces:

1 88

Download 88 pages, 1.23 Mb

Working with the M111

Management tool

Security policies

Security policies affect both manager and operator accounts. Select from one of the following options:

Follow FIPS 140-2 guidelines: When selected, implements the following requirements from the FIPS 140-2 guidelines:

Passwords must be at least six characters long.

Passwords must contain at least four different characters.

For more information on these guidelines, refer to the Federal Information Processing Standards Publication (FIPS PUB) 140-2, Security Requirements for Cryptographic Modules.

Follow PCI DSS 1.2 guidelines: When selected, implements the following requirements from the PCI DSS 1.2 guidelines:

Passwords must be at least seven characters long.

Passwords must contain both numeric and alphabetic characters.

The settings under Login control must be configured as follows:

Lock access after nn login failures must be set to 6 or less.

Lock access for nn minutes must be set to 30 minutes or more.

The settings under Account inactivity logout must be configured as follows:

Timeout must be set to 15 minutes or less.

For more information on these guidelines, refer to the Payment Card Industry Data Security Standard v1.2 document.

Security

The management tool is protected by the following security features:

Allowed addresses: You can configure a list of subnets from which access to the management tool is permitted.

Active interfaces: You can enable or disable access to the management tool for each of the following:

Port 1

Wireless port

3-6

Contents

Page Page HP ProCurve M111 Client Bridge Publication Number Applicable Products Trademark Credits Disclaimer Warranty 1 Introduction 2 Getting started 3 Working with the M111 Page Page A Regulatory information BResetting to factory defaults Page Introduction About this guide Warnings and cautions Commands and program listings Introducing the M111 Client Bridge Safety information Professional Installation Required Servicing HP ProCurve Networking support Before contacting support Online documentation Getting started Deploying the M111 Scenario 1: Connecting wired devices to a wireless network Note A. Configure your computer 192.168.1.1 C. Start the M111 D. Connect to the management tool and login https://192.168.1.1 admin Username Save About passwords Wireless Base MAC Home https://192.168.5.11 F.Configure a station profile General Enabled Profile name: WLAN name (SSID): AP’s MAC address: Scenario 2: Connecting a wired device using MAC address cloning G. Configure MAC cloning options Wireless > Bridging Ethernet MAC cloning Discovered MAC address Management tool (TCP port 443) H. Connect the wired device to the M111 Scenario 3: Connecting a serial device to a wireless network G. Configure the serial connection 2.Select Network > TCP Serial. The TCP to serial configuration page opens TCP connection Mode Serial port State TCP connection status Page Working with the M111 Page Management tool Manager and Operator accounts Passwords Security policies Web server Auto-refresh IP address configuration To configure IP addressing 1. Select Network > Ports Bridge port Assign IP address via Configure Radio configuration Wireless mode Restrict channels to Antenna selection Fast roaming threshold Fast roaming delta threshold Fast roaming threshold count Minimum SNR threshold Scan channel delay Fast scan channel delay Roaming persistence Using station profiles to establish a wireless link Active scanning enabled Priority General Profile name WLAN name (SSID) AP's MAC address Active scanning Wireless security Wireless protection Key source TLS: Security > 802.1X certificates TTLS: FAST: Validate server certificate: Viewing APs in the neighborhood Field descriptions Configuring Quality of Service (QoS) Priority mechanisms Very-high,high, normal, low priority Differentiated Services (DiffServ) TOS IP QoS Disabled Upstream DiffServ tagging Settings Connecting serial devices one Serial port connector To connect a serial device 2. Select Network > TCP serial. The TCP to serial configuration page opens TCP to serial configuration TCP connection Client: Remote IP address TCP port Server: Port control Drop wireless link when port 1 is connected TCP connection status DNS configuration DNS servers Dynamically assigned DNS servers Override dynamically assigned DNS servers DNS advanced settings DNS cache Handling unsupported traffic Cloning the address of a wired device Limitations Enabling Ethernet MAC cloning Discovered MAC address: Wireless access to the M111 when MAC cloning is active Setting up management traffic interception Management tool (TCP port 443) SNMP agent (UDP port 161) SNMP notifications (UDP port 162) Remote log (UDP port 514) Using filters to restrict wireless traffic Assigning a management address SNMP Attributes v1/v2c communities v3 users Notification receivers Host Managing certificates 802.1X — Install TLS client certificate Certificate file Password 802.1X — Manage TLS client certificates 802.1X — Trusted CA certificates Install 802.1X — Manage CA certificates Certificate Trusted CA certificate store Installing a new CA certificate CA certificate import formats Certificate and private key store Installing a new private key/public key certificate chain pair Default installed private key/public key certificate chains Changing the certificate assigned to a service About certificate warnings Configuration file management Backup configuration Reset configuration Restore configuration Software updates Performing an immediate software update select Install Performing a scheduled update 1.Enable Scheduled install Day of week Page Regulatory information Manufacturer's FCC Declaration of Conformity Statement Warning Exposure to Radio Frequency Radiation Countries of Operation & Conditions of Use Operation Using 5 GHz Channels in the European Community Disposal of Waste Equipment by Users in Private Household in the European Union DGT LPD (Low Power Device) Statement Resetting to factory defaults How it works