Defining Profile Security Settings
A profile can make use of existing firewall, wireless client role,
and WIPS policies and apply them to the profile‘s configuration. This affords each
profile a truly unique combination of data protection policies for best meeting the
data protection requirements of the profile it supports. However, as deployment
requirements arise, an individual device may need some or all of its general
security configuration overridden from the profile‘s settings.
To configure a profile‘s security settings and overrides:
-
Select from the web UI.
-
Expand the Security menu and select
Settings.
-
Select a firewall policy from the Firewall Policy
drop-down menu. All devices using this profile must meet the requirements of the
firewall policy to access the network. A firewall is a mechanism enforcing
access control, and is considered a first line of defense in protecting
proprietary information within the network. The means by which this is
accomplished varies, but in principle, a firewall can be thought of as
mechanisms both blocking and permitting data traffic within the network. If an
existing Firewall policy does not meet your requirements, select the Create icon
to create a new firewall policy that can be applied to this profile. An existing
policy can also be selected and edited as needed using the Edit icon.
-
Select the WEP Shared Key Authentication radio button to
require profile supported devices to use a WEP key to access the network using
this profile. The access point, other proprietary routers, and our clients use
the key algorithm to convert an ASCII string to the same hexadecimal number.
Clients without our adapters need to use WEP keys manually configured as
hexadecimal numbers. This option is disabled by default.
-
Client Identity is a set of unique fingerprints
used to identify a class of devices. This information is used to configure
permissions and access rules for devices classes in the network. Client Identity Group is a
collection of client identities that identify devices and applies specific
permissions and restrictions on these devices. From the drop-down menu select
the client identity group to use with this device profile. For more information,
see Device Fingerprinting.
-
Certificate Management Protocol (CMP) is an Internet protocol to obtain and
manage digital certificates in a Public Key Infrastructure (PKI) network. A
Certificate Authority (CA) issues the certificates using the defined CMP. Use
the drop-down list to select a CMP policy to apply.
-
Use the Web Filter drop-down menu to
select or override the URL
Filter configuration applied to this virtual interface.
Web filtering is used to restrict access
to resources on the internet.
-
Click OK to save the changes or
overrides.
Click Reset to revert to the last
saved configuration.