Aruba Apps

last person joined: 2 days ago 

The HPE Aruba Networking Apps board is designed to address questions, comments, and feature requests for all HPE Aruba Networking mobile Apps
Back to discussions
Expand all | Collapse all

Is it possible to activate WIPS and use the captive portal at the same time ? How?

This thread has been viewed 0 times

  • 1.  Is it possible to activate WIPS and use the captive portal at the same time ? How?

    Posted Jan 26, 2016 01:57 PM

    Hello to all,

     

    I would like your help on it guys :)



  • 2.  RE: Is it possible to activate WIPS and use the captive portal at the same time ? How?

    EMPLOYEE
    Posted Jan 26, 2016 02:31 PM

    What are you looking to protect specifically?



  • 3.  RE: Is it possible to activate WIPS and use the captive portal at the same time ? How?

    Posted Jan 26, 2016 02:47 PM

    I want to configure wips with its maximum security and at the same time have a network using captive portal.



  • 4.  RE: Is it possible to activate WIPS and use the captive portal at the same time ? How?

    EMPLOYEE
    Posted Jan 26, 2016 04:20 PM

    Open networks are the most vulnerable networks to have, IDS/IPS can only do so much to protect them.  The best thing you can do for your clients is to enable encryption.  Encryption has built-in mechanisms to prevent attacks, but open or captive portal networks have little if any.  Enabling Maximum security would not really do much to protect them.  Most captive portals tell people that they should connect to VPNs to ensure that their traffic will not be intercepted or seen.  If you have internal employees that want to connect, at minimum you should be deploying encryption.

     

    Please see the document here;  http://community.arubanetworks.com/aruba/attachments/aruba/ForoenEspanol/295/1/WP_BUILDING%20GLOBAL%20SECURITY%20POLICIES%5B1%5D.pdf

     

     

     

     



  • 5.  RE: Is it possible to activate WIPS and use the captive portal at the same time ? How?

    Posted Jan 27, 2016 06:56 AM

    Hi,

     

    Thank you so much for your response, it really helps us. However, on the customer's environment they are using an infrasctructure Aruba with Clear Pass and here is the thing:

     

    We have some internals netwok (for employees) and at the same time, we have in anoter vlan and networks for guest only, and I would like to protect the internals network not te guest, so, when I enable the WIPS, it just kills my network for guest. I would like to know what kind of configuration I should use to protect mu internals network without kills my network for guests, is it possible ?

     

    Thank you for you document.



  • 6.  RE: Is it possible to activate WIPS and use the captive portal at the same time ? How?
    Best Answer

    EMPLOYEE
    Posted Jan 27, 2016 07:30 AM

    Do not enable "high" IDS.  If you have a guest vlan at minimum you should have a separate VLAN for your internal users.  Use firewall policies in your user and guest roles to keep guest and user traffic separate.  That way if a guest or internal devices is compromised, it still cannot get past the firewall policy.



  • 7.  RE: Is it possible to activate WIPS and use the captive portal at the same time ? How?

    Posted Jan 27, 2016 07:43 AM

    Hi,

     

    I undertand what you said, and we have everything such as separe vlan for it network, the problem just begin when I enable the WIPS on my infrasctructure, it just attack my guest network. Is there a way to enable WIPS and at the same time keep my guest network using captive portal  ?



  • 8.  RE: Is it possible to activate WIPS and use the captive portal at the same time ? How?

    EMPLOYEE
    Posted Jan 27, 2016 07:46 AM

    You could, but it requires planning and testing.  The best way is to use the WIPS Wizard, instead of just putting it on high.  You would have to know specifically what you want to protect or if you just want to detect, etc.