Guardian Scan Profiles
Guardian scan profiles work with all AP types
(except
AP3705) and include the following:
- An AP operating in Guardian mode does not bridge traffic and instead
devotes all of the AP‘s resources to threat detection and countermeasures.
- An AP is added to a Guardian scan mode in its entirety. There is no
option to dedicate one radio to scanning and the other to forwarding.
- An AP assigned to a Guardian scan profile stops providing any
services (WLAN service, load groups, site) immediately.
- A list of all possible channels that the Gardian AP could scan. Each
channel has a checkbox which when checked enables scanning by any AP in the group.
- A set of countermeasure that lists possible prevention options to
counter specific types of threats. For more information, see In-Service Scan Profile Prevention Settings.
- Support for automatic blacklisting which allows the administrator to
list which MAC addresses should be allowed or denied on the network. For more information,
see Blacklisted Clients.
- Addresses added to the blacklist manually are there until they are
manually removed. If blacklisting clients is enabled, you can set the maximum amount of
time a device can be blacklisted.