Guardian Scan Profiles

Guardian scan profiles work with all AP types (except AP3705) and include the following:
  • An AP operating in Guardian mode does not bridge traffic and instead devotes all of the AP‘s resources to threat detection and countermeasures.
  • An AP is added to a Guardian scan mode in its entirety. There is no option to dedicate one radio to scanning and the other to forwarding.
  • An AP assigned to a Guardian scan profile stops providing any services (WLAN (Wireless Local Area Network) service, load groups, site) immediately.
  • A list of all possible channels that the Gardian AP could scan. Each channel has a checkbox which when checked enables scanning by any AP in the group.
  • A set of countermeasure that lists possible prevention options to counter specific types of threats. For more information, see In-Service Scan Profile Prevention Settings.
  • Support for automatic blacklisting which allows the administrator to list which MAC addresses should be allowed or denied on the network. For more information, see Blacklisted Clients.
  • Addresses added to the blacklist manually are there until they are manually removed. If blacklisting clients is enabled, you can set the maximum amount of time a device can be blacklisted.