Aruba Apps

Reply
Contributor I
Posts: 39
Registered: ‎08-27-2014

Is it possible to activate WIPS and use the captive portal at the same time ? How?

Hello to all,

 

I would like your help on it guys :)

Guru Elite
Posts: 21,269
Registered: ‎03-29-2007

Re: Is it possible to activate WIPS and use the captive portal at the same time ? How?

What are you looking to protect specifically?



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I
Posts: 39
Registered: ‎08-27-2014

Re: Is it possible to activate WIPS and use the captive portal at the same time ? How?

I want to configure wips with its maximum security and at the same time have a network using captive portal.

Guru Elite
Posts: 21,269
Registered: ‎03-29-2007

Re: Is it possible to activate WIPS and use the captive portal at the same time ? How?

Open networks are the most vulnerable networks to have, IDS/IPS can only do so much to protect them.  The best thing you can do for your clients is to enable encryption.  Encryption has built-in mechanisms to prevent attacks, but open or captive portal networks have little if any.  Enabling Maximum security would not really do much to protect them.  Most captive portals tell people that they should connect to VPNs to ensure that their traffic will not be intercepted or seen.  If you have internal employees that want to connect, at minimum you should be deploying encryption.

 

Please see the document here;  http://community.arubanetworks.com/aruba/attachments/aruba/ForoenEspanol/295/1/WP_BUILDING%20GLOBAL%20SECURITY%20POLICIES%5B1%5D.pdf

 

 

 

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Contributor I
Posts: 39
Registered: ‎08-27-2014

Re: Is it possible to activate WIPS and use the captive portal at the same time ? How?

Hi,

 

Thank you so much for your response, it really helps us. However, on the customer's environment they are using an infrasctructure Aruba with Clear Pass and here is the thing:

 

We have some internals netwok (for employees) and at the same time, we have in anoter vlan and networks for guest only, and I would like to protect the internals network not te guest, so, when I enable the WIPS, it just kills my network for guest. I would like to know what kind of configuration I should use to protect mu internals network without kills my network for guests, is it possible ?

 

Thank you for you document.

Aruba Employee
Posts: 6
Registered: ‎12-24-2015

Re: Is it possible to activate WIPS and use the captive portal at the same time ? How?

Do not enable "high" IDS.  If you have a guest vlan at minimum you should have a separate VLAN for your internal users.  Use firewall policies in your user and guest roles to keep guest and user traffic separate.  That way if a guest or internal devices is compromised, it still cannot get past the firewall policy.

Contributor I
Posts: 39
Registered: ‎08-27-2014

Re: Is it possible to activate WIPS and use the captive portal at the same time ? How?

Hi,

 

I undertand what you said, and we have everything such as separe vlan for it network, the problem just begin when I enable the WIPS on my infrasctructure, it just attack my guest network. Is there a way to enable WIPS and at the same time keep my guest network using captive portal  ?

Aruba Employee
Posts: 6
Registered: ‎12-24-2015

Re: Is it possible to activate WIPS and use the captive portal at the same time ? How?

You could, but it requires planning and testing.  The best way is to use the WIPS Wizard, instead of just putting it on high.  You would have to know specifically what you want to protect or if you just want to detect, etc. 

Search Airheads
Showing results for 
Search instead for 
Did you mean: