Owners manual
(Instant AP)# commit apply
Example
(Instant AP)(config)# wlan access-rule employee
(Instant AP)(Access Rule "employee")# rule any any match app deny throttle-downstream 256
throttle-up 256
(Instant AP)(Access Rule "employee")# rule any any match appcategory collaboration permit
(Instant AP)(Access Rule "employee")# end
(Instant AP)# commit apply
Configuring Web Policy Enforcement
You can configure Web Policy Enforcement on an IAP to block certain categories of websites based on your
organization specifications by defining ACL rules either through the Instant UI or CLI.
In the Instant UI
1. Navigate to Security >Roles.
2. Select any WLAN SSID or wired profile role, and click New in the Access Rules section. The New Rule window
appears.
3. Select the rule type as Access Control.
4. To set an access policy based on the web category:
a. Under Services, select Web category and expand the Web categories drop-down.
Figure 84
b. Select the categories to which you want to deny or allow access. You can also search for a web category and
select the required option.
c. From the Action drop-down, select Allow or Deny as required.
d. Click OK.
5. To filter access based on the security ratings of the website:
a. Select Web reputation under Services.
b. Move the slider to the required security rating level. Move the slider to select a specific web reputation value to
deny access to websites with a reputation value lower than or equal to the configured value or to permit
access to websites with a reputation value higher than or equal to the configured value. The following options
are available:
n Trustworthy - These are well known sites with strong security practices and may not expose the user to
security risks. There is a very low probability that the user will be exposed to malicious links or payloads.
Aruba Instant 6.4.0.2-4.1 | User Guide Deep Packet Inspection and Application Visibility | 250