5 - 136 WiNG 5.5 Access Point System Reference Guide
Figure 5-85 Profile Security - Source Dynamic NAT screen - Add Row field
10. Select OK to save the changes made within the Add Row and Dynamic NAT screens. Select Reset to revert to the last
saved configuration.
5.2.7.7 Profile Security Configuration and Deployment Considerations
Profile Security Configuration
Before defining a profile’s security configuration, refer to the following deployment guidelines to ensure the profile
configuration is optimally effective:
• Ensure the contents of the certificate revocation list are periodically audited to ensure revoked certificates remained
quarantined or validated certificates are reinstated.
• NAT alone does not provide a firewall. If deploying NAT on a profile, add a firewall on the profile to block undesirable
traffic from being routed. For outbound Internet access, a stateful firewall can be configured to deny all traffic. If port
address translation is required, a stateful firewall should be configured to only permit the TCP or UDP ports being
translated.
To Next Page
Loading...
