WESM zl Management and Configuration Guide WT.01.28 and greater
Wireless Network Management
AP Detection
You should configure the module to allow APs that meet certain criteria—for
example, that are part of your wireless network. The module then moves these APs
to an approved APs list so that they do not clutter the unapproved list and make it
difficult for you to identify actual threats to network security.
You can use two criteria to define allowed APs:
■ MAC address
■ SSID
For example, you can list the MAC address of every AP and RP in your network (not
connected to this module) and allow those addresses. Or, you can simply allow all
APs and RPs that are members of one of your network’s WLANs (as defined by the
SSID). These solutions are appropriate only in a relatively secure environment.
For tighter security, you can force the module to match APs to both a MAC address
and an SSID. For example, a rogue AP might mimic your network’s SSID; if you
allow all APs using that SSID, then you will overlook this security hazard.
You specify these criteria in a series of up to 200 rules, each identified by an index
number. Each rule can specify one of the following:
■ one MAC address
■ one SSID
■ one MAC address and one SSID
For example, if you want to use hardware-based (MAC address) rules to allow APs
and your network includes 14 RPs adopted by a different module and two APs, then
you must create 16 rules, one for each MAC address.
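The following added example (not code from this guide or from the module) models the rule semantics described above in Python and shows why an SSID-only rule approves a rogue AP that mimics your SSID, while MAC-plus-SSID rules leave it on the unapproved list. All names, MAC addresses, and SSIDs are constructed, and exact, case-sensitive SSID comparison is an assumption.

```python
# Added illustration of the allowed-AP rule semantics; not the module's code.
# Names, MAC addresses and SSIDs are constructed for this example.
from dataclasses import dataclass
from typing import Optional

MAX_RULES = 200  # the guide allows up to 200 rules

def normalize_mac(mac: str) -> str:
    """Reduce a MAC in any common notation to 12 lowercase hex digits."""
    digits = mac.replace(":", "").replace("-", "").replace(".", "").lower()
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits

@dataclass(frozen=True)
class Rule:
    index: int
    mac: Optional[str] = None   # None: the rule does not constrain the MAC
    ssid: Optional[str] = None  # None: the rule does not constrain the SSID

    def __post_init__(self):
        if self.mac is None and self.ssid is None:
            raise ValueError("a rule needs a MAC address, an SSID, or both")
        if self.mac is not None:
            object.__setattr__(self, "mac", normalize_mac(self.mac))

    def matches(self, mac: str, ssid: str) -> bool:
        # Every criterion the rule specifies must match (assumed exact match).
        return ((self.mac is None or self.mac == normalize_mac(mac))
                and (self.ssid is None or self.ssid == ssid))

def classify(detected, rules):
    """Split detected (mac, ssid) pairs into approved and unapproved lists."""
    if len(rules) > MAX_RULES:
        raise ValueError("too many rules")
    approved, unapproved = [], []
    for mac, ssid in detected:
        hit = any(r.matches(mac, ssid) for r in rules)
        (approved if hit else unapproved).append((mac, ssid))
    return approved, unapproved

# Constructed scan: two legitimate APs and one rogue AP mimicking the SSID.
DETECTED = [("00:11:22:33:44:01", "CorpWLAN"),
            ("00-11-22-33-44-02", "CorpWLAN"),
            ("DE:AD:BE:EF:00:99", "CorpWLAN")]
SSID_ONLY = [Rule(1, ssid="CorpWLAN")]
MAC_AND_SSID = [Rule(1, "00:11:22:33:44:01", "CorpWLAN"),
                Rule(2, "00:11:22:33:44:02", "CorpWLAN")]
```

Calling `classify(DETECTED, SSID_ONLY)` approves all three APs, including the rogue; `classify(DETECTED, MAC_AND_SSID)` approves only the two listed devices.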
Creating Rules That Define Allowed APs
To create a rule, complete these steps:
1. Select Special Features > Access Point Detection > Configuration. The screen
displays, in the Allowed APs section, the APs that are currently allowed, listed
in order of index number.
This section shows the rules for allowed APs. Your RPs may or may not detect
the APs in question at the moment.