Psk / none – Brocade Mobility RFS Controller System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

Page 272

Advertising
background image

260

Brocade Mobility RFS Controller System Reference Guide

53-1003099-01

6

1. Select Configuration > Wireless > Wireless LAN Policy to display available WLANs.

2. Select the Add button to create an additional WLAN, or select and existing WLAN and Edit to

modify the security properties of an existing WLAN.

3. Select Security.

4. Select MAC as the Authentication Type.

Selecting MAC enables the radio buttons for each encryption option as an additional measure
of security for the WLAN.

FIGURE 6

MAC Authentication screen

5. Either select an existing AAA Policy from the drop-down menu or select the Create icon to the

right of the AAA Policy parameter to display a screen where new AAA policies can be created. A
default AAA policy is also available if configuring a WLAN for the first time and there’s no
existing policies. Select the Edit icon to modify the configuration of a selected AAA policy.

Authentication, authorization, and accounting (AAA) is a framework for intelligently controlling
access to the wireless client, enforcing user authorization policies and auditing and tracking
usage. These combined processes are central for securing wireless client resources and
wireless network data flows.

6. Select the Reauthentication option to force MAC supported clients to reauthenticate. Use the

spinner control set the number of minutes (30 - 86,400) that, once exceeded, forces the EAP
supported client to reauthenticate in order to use the resources supported by the WLAN.

7. Select OK when completed to update the WLAN’s MAC configuration. Select Reset to revert the

screen back to the last saved configuration.

MAC Authentication Deployment Considerations

MAC Authentication

Before defining a MAC authentication configuration on a WLAN, refer to the following deployment
guidelines to ensure the configuration is optimally effective:

MAC authentication can only be used to identify end-user devices, not the users themselves.

MAC authentication is somewhat poor as a standalone data protection technique, as MAC
addresses can be easily spoofed by hackers who can provision a MAC address on their device
to mimic a trusted device.

PSK / None

Configuring WLAN Security

Advertising
Popular Brands
Popular manuals