Device Configuration 5 - 145
6. Select OK to save the updates made to the Auto IPSec Tunnel screen. Selecting Reset reverts the screen to its last saved
configuration.
5.2.7.3 Defining Profile Security Settings
Profile Security Configuration
A profile can leverage existing firewall, wireless client role and WIPS policies and configurations and apply them to the profile’s
configuration. This affords each profile a truly unique combination of data protection policies best meeting the data protection
requirements of the access point’s numerous deployment scenarios.
To define a profile’s security settings:
1. Select the Configuration tab from the Web UI.
2. Select Devices.
3. Select System Profile from the options on left-hand side of the UI.
4. Expand the Security menu and select Settings.
Figure 5-93 Profile Security - Settings screen
5. Select a firewall policy from the Firewall Policy drop-down menu. All devices using this profile must meet the
requirements of the firewall policy to access the network. A firewall is a mechanism enforcing access control, and is
considered a first line of defense in protecting proprietary information within the network. The means by which this is
accomplished varies, but in principle, a firewall can be thought of as mechanisms both blocking and permitting data traffic
within the network. If an existing Firewall policy does not meet your requirements, select the Create icon to create a new
firewall policy that can be applied to this profile. An existing policy can also be selected and edited as needed using the
Edit icon.
6. Select the WEP Shared Key Authentication radio button to require profile supported devices to use a WEP key to access
the network using this profile. The access point, other proprietary routers, and Motorola Solutions clients use the key
algorithm to convert an ASCII string to the same hexadecimal number. Clients without Motorola Solutions adapters need
to use WEP keys manually configured as hexadecimal numbers. This option is disabled by default.
7. Client Identity is a set of unique fingerprints used to identify a class of devices. This information is used to configure
permissions and access rules for devices classes in the network. Client Identity Group is a collection of client identities
that identify devices and applies specific permissions and restrictions on these devices. From the drop-down menu select
the client identity group to use with this device profile. For more information, see Device Fingerprinting on page 8-23.
8. Select OK to save the changes made within the Settings screen. Select Reset to revert to the last saved configuration.
IKE Life Time Set a lifetime in either Seconds (600 - 86,400), Minutes (10 - 1,440), Hours (1 - 24) or
Days (1) for IKE security association duration. The default is 8600 seconds.
To Next Page
Loading...
