Wireless Access

last person joined: an hour ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Threats (malware) related security on AP and Controlles

This thread has been viewed 2 times

  • 1.  Threats (malware) related security on AP and Controlles

    Posted Dec 13, 2017 06:51 PM

    Hi,

    I am trying to understand what level of protection in terms of threats (malware, phishing,command and control)  I can get out of the box when I buy any of the access points (300, 200 or 100 series).  In the data sheets for all of the (e.g 207 - http://www.arubanetworks.com/assets/ds/DS_AP207Series.pdf ) it says "IP reputation and security services identify, classify, and block malicious files, URLs and IPs, providing" - this looks like it is included, is that true? If yes, why I would buy WebCC (BrightCloud URL categorization and URL reputation) subscription since URLs are covered out of teh box?Can someone please demistify this? Also, it says block malicious files - I wonder how that works - is there AV engine running on the device?

     

    Thanks

    Ondrej



  • 2.  RE: Threats (malware) related security on AP and Controlles

    EMPLOYEE
    Posted Dec 14, 2017 07:50 AM

    The feature is built-in the Instant software and controllers, you will need a WebCC subscription to get and keep the classifications up-to-date.

     

    You can imagine that maintaining reputation and web classification databases and keeping the cloud service available is something that takes quite some ongoing work. That is why a WebCC subscription is required.

     

    There is no Anti-virus engine running on the AP/controller, the feature works through the WebCC cloud service on meta-data like destination, hostnames, etc, which is why it hardly affects performance.



  • 3.  RE: Threats (malware) related security on AP and Controlles

    Posted Dec 14, 2017 12:04 PM

    Hi Herman,

    thanks for your quick answer. So when I look on the datasheets of IAPs (e.g. 310) I should read the information "- IP reputation and security services identify, classify, and block malicious files, URLs and IPs, providing comprehensive protection against advanced online threats." as it is possible to buy this extra security via the WebCC  license which activates this feature in ArubaOS, right? If I don't get this WebCC subscription I won't have the protection. Also, I understand that WebCC is leveraging BrightCloud for URL, IP reputation, and URL categorization. The reason I asked about AVs is that in the IAPs data sheets it says "identify, classify, and block malicious files" - wonder how the works? (When I looked on ArubaOS data sheet the info about blocking malicious file is missing so maybe it is just a mistake in the IAPs series data sheets). Thanks!