We are using capitive portal for guest users. Now if the user is smart, they could find the address of the controller and then try to directly logon to controller. Now we always change the username and password from the aruba defaults so even if they are smart enough to try to log onto the controller there is a very slim change that they would be able to do so. That being said (and this is my real questoin) is there a way for the controller to block access to the web-gui log on after say 5 bad username password attempts?
Thought about using blacklist after x amount of failed login attempts but thinking that only applies to wifi client logon so not sure that is going to help me.
Anyone have an idea? Do you think it is really a concern or is my security guy just going a bit overboard on me?
Suggestions comments welcomed...