Manualshelf

User Manual Part 6

ManualsBrandsMojo Networks ManualsElectronicsSpectraGuard Access Point / Sensor
12345678910
Administration Tab
SpectraGuard® Enterprise User Guide
280
Intrusion Prevention Policy
You can enable intrusion prevention against the following threats:
Rogue APs: APs connected to your network but not authorized by the administrator; an attacker can gain access to
your network through the Rogue APs. You can also automatically quarantine Uncategorized Indeterminate and
Banned APs connected to the network.
Mis-configured APs: APs authorized by the administrator but do not conform to the security policy; an attacker
can gain access to your network through misconfigured APs. This could happen if the APs are reset, tampered with,
or if there is a change in the security policy.
Client Mis-associations: Authorized Clients that connect to Rogue or External (neighboring) APs; corporate data
on the Authorized Client is under threat due to such connections. AirTight recommends that you provide automatic
intrusion prevention against Authorized Clients that connect to Rogue or External APs.
There is a special intrusion prevention policy for the smart devices that are not approved. Even if a current client
policy restricts authorized clients from connecting to a guest AP, an unapproved smart device can still be allowed to
do so. One needs to explicitly allow or restrict unapproved smart devices from connecting to a guest AP.
Refer to the section Smart Device Detection in the Devices Tab chapter for more information.
Click Special Handling for Smart Devices to enable special handling for unapproved smart devices. You can allow
the unapproved smart device to connect to a guest AP only. To do this,
1. Select Enable Special Handling for Unapproved Smart Devices.
2. Select Allow connection to Guest AP, but not Authorized AP.
To disallow the unapproved smart device from connecting to both a guest AP as well as an authorized AP, select Do
not allow connection to Guest AP and Authorized AP.