Security

 View Only
last person joined: 2 hours ago 

Enterprise security using ClearPass Policy Management, ClearPass Security Exchange, IntroSpect, VIA, 360 Security Exchange, Extensions and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

IAP IDS Protection questions.

This thread has been viewed 16 times
  • 1.  IAP IDS Protection questions.

    Posted Sep 26, 2022 10:42 PM
    Dear Friends,

    We are a big college having 1200 students + 200 Staff. We finished the whole network infrastructure refresh last year. Everything (Aruba CX Switch, IAP and Clearpass) is up and running. Today, I have noticed someone is talking about Evil Twin Attack on local Wifi infrastructure, I noticed in my IAP, IDS, everything is set off.  Should we change Infra, clients and protections to low to start with to protect our On-Prem Wifi Infrastructure? What impact these will have for our Wifi Performance etc?

    Please Educate me.
    Thanks
    ML

    ------------------------------
    Becoming a Networking Engineer
    ------------------------------


  • 2.  RE: IAP IDS Protection questions.

    EMPLOYEE
    Posted Sep 27, 2022 08:11 AM
    Do you have an internal security team that looks into things like that?  IDS/IPS is very individual based on the "business" you are running and one size does not fit all.  The security needs of a bank are different than the needs of an educational institution that wants to maintain connectivity.  I would consult someone to determine your risk and whether or not it is worth the administrative overhead to enable those features.  In addition, I hope that others in your industry, if they can, will chime in and say what they are doing about IDS/IPS.

    ------------------------------
    Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card
    ------------------------------



  • 3.  RE: IAP IDS Protection questions.

    Posted Oct 02, 2022 06:16 PM
    Hi we don't have a security team. I am the networking guy who does all switches and wifi...any suggestions where I can start with is IAP's IDS? 
    Thanks
    Get Outlook for Android


    ------------------------------
    Becoming a Networking Engineer
    ------------------------------



  • 4.  RE: IAP IDS Protection questions.

    EMPLOYEE
    Posted Oct 02, 2022 09:47 PM
    you can start referring to this link from user guide
    https://www.arubanetworks.com/techdocs/Instant_810_WebHelp/Content/instant-ug/ids/intrusion-detec.htm

    and enabling just the IDS and see the info and then based on that you can stat tuning it accordingly



    ------------------------------
    Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba.
    ------------------------------



  • 5.  RE: IAP IDS Protection questions.

    EMPLOYEE
    Posted Oct 03, 2022 02:42 AM
    The truth is, strong encryption and good security policy make it less likely that your user's data will be intercepted or manipulated.  If your users are using WPA2-AES with EAP-TLS, it makes their data difficult to intercept or manipulate.  There are users who might have to use the guest network because they are not part of your organization.  Those users should use a VPN on top of using an open network and you should have information stating that on your captive portal page.  Some wireless security tips in general are on the page here:  https://www.cisa.gov/uscert/ncas/tips/ST05-003

    What you should NOT do is blindly enable wireless IDS features.  Many of those features have false positives and you will consume much of your time trying to understand them, only to have them be false.

    If you do not have the funds to hire a consultant, you should engage with other organizations in the same industry, to understand what they are doing to maintain and improve their security posture.  You can also post in one of the industry forums here to understand what HPE/Aruba Customers in your same industry do for wireless security:  https://community.arubanetworks.com/discussion

    ------------------------------
    Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card
    ------------------------------