Wireless Access

last person joined: 18 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Controller as Firewall

This thread has been viewed 0 times

  • 1.  Controller as Firewall

    Posted Aug 31, 2012 06:26 AM

    Dear community,

    this is my first post and before posting I checked existing question but could not find an answer to my question. Here it is:

    Can I use the controller as a firewall on Internet gateway?

    Indeed, I have to deploy a WiFi infrastructure as well as replacing old Cisco PIX + provide remote acces to a branch office + nomad users. My idea would be to have the controller to

    - manage the APs

    - protect the site from Internet threats (replace PIX)

    - terminate VPN connection from RAP and VIA clients.

     

    Does it sound ok for you? Do you foresee any limitations of firewall features vs PIX, ASA or Palo Alto firewalls?

     

    Thanks in advance for your advises!

    regards,

    Romain 



  • 2.  RE: Controller as Firewall

    EMPLOYEE
    Posted Aug 31, 2012 09:09 AM
    @rjourdan wrote:

    Dear community,

    this is my first post and before posting I checked existing question but could not find an answer to my question. Here it is:

    Can I use the controller as a firewall on Internet gateway?

    Indeed, I have to deploy a WiFi infrastructure as well as replacing old Cisco PIX + provide remote acces to a branch office + nomad users. My idea would be to have the controller to

    - manage the APs

    - protect the site from Internet threats (replace PIX)

    - terminate VPN connection from RAP and VIA clients.

     

    Does it sound ok for you? Do you foresee any limitations of firewall features vs PIX, ASA or Palo Alto firewalls?

     

    Thanks in advance for your advises!

    regards,

    Romain 

    Well if you just want to do those three things above, the Aruba Controller has you covered, since the PIX, ASA and Palo Alto cannot terminate access points.  Many users deploy them at branch offices as a single box solution and they work very well in that situation.