Wireless Access

 View Only
last person joined: 2 days ago 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

Security scan warnings about HSTS on MCs

This thread has been viewed 10 times
  • 1.  Security scan warnings about HSTS on MCs

    Posted Nov 01, 2022 05:37 AM
    Hello,

    AOS version 8.10.0.4
    active and standby MCs
    2x clusters

    Our security team run Nessus scans and they are highlighting HSTS headers being missing on our MCs (active and standby). I'm not sure what this is telling us, obviously those (the MCs) aren't used for the captive portal (are they?) - would the CP be the normal culprit for this kind of warning? We don't get the warning for our cluster members which have a public cert configured for the captive portal, so in the meantime I have just done the same for the MCs. I'd like to understand this a bit more if anyone can fill me in?

    Guy


  • 2.  RE: Security scan warnings about HSTS on MCs

    EMPLOYEE
    Posted 23 days ago
    There is a management login interface in the GUI.

    ------------------------------
    Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card
    ------------------------------