Profile Security Configuration
An access point profile can have its own firewall policy, wireless client
role policy, WEP shared key authentication and NAT policy applied.
Before defining a profile‘s security configuration, refer to the following deployment
guidelines to ensure the profile configuration is optimally effective:
- Ensure the contents of the certificate revocation list are periodically audited to ensure
revoked certificates remained quarantined or validated certificates are reinstated.
- NAT alone does not provide a firewall. If deploying NAT on a profile, add a firewall on the
profile to block undesirable traffic from being routed. For outbound Internet access, a
stateful firewall can be configured to deny all traffic. If port address translation is
required, a stateful firewall should be configured to only permit the TCP or UDP ports being
translated.
For more information, refer to the following:
Print
this page
Email this topic
Feedback
View PDF
Download EPUB