ArubaOS and Controllers

Reply
Occasional Contributor I

IPS and Controllers

Good day all,

Background: We have over 25 local controllers and a master serving over 1500 APs. There are large distances between some of the controllers “different cities’.

For the first time, we are creating a new SSID for non-Domain machines, personal handheld devices, laptops, …etc. This new SSID will only allow HTTP HTTPS traffic using captive portal for authentication without encryption. More like internet/Intranet SSID only. This SSID has gone under risk assessment and one of the recommendations is to have IPS capabilities to reduce spread of viruses coming from these unknown personal devices. Broadcasting this SSID might get thousands of users to browse the Internet/Intranet on the same NATed network of the company and might cause some security risks.

My question: is there a way to only install one or two IPS devices and have all traffic be directed to them? I can’t have the same VLAN on all controllers.
Is Aruba IPS capable of doing more than wireless IPS functionalities?
My problem is that I cant install an IPS on every local controller and have it as a standard that every time we install a controller we install an IPS along.


Are their similar scenarios where personal handhelds/laptops are allowed to access the wireless network? What are the measures taken to prevent spread of viruses for example?
Guru Elite

IPS and Controllers

Ghubari,

An Aruba whitepaper on how to get packets from the infrastrucutre to an IDS device using mirroring (snort in this example) is here: http://www.arubanetworks.com/pdf/technology/whitepapers/wp_WiredIDS_Snort.pdf


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor I

Re: IPS and Controllers

Thanks Colin. I just posted a new thread on the same subject. I want to avoid installing a new hardware.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: