User Manual Part 6
Administration Tab
SpectraGuard® Enterprise User Guide
272
Description: Write a short description to help identify the SSID template
Network Protocol allows you to select the allowed 802.11 protocols for the SSID:
Any: Allow APs with any network protocol for this SSID
Select: Specify the 802.11 protocol on which the system allows the APs connected to the network to
operate–802.11 a, 802.11 b/g, and 802.11b only
AP Capabilities allows you to select the additional capabilities that Authorized APs may have. If you select any
of these advanced capabilities, the classification logic allows APs with and without these capabilities. Select one of
the following:
Any: Allow APs with any special capability for this SSID
Select: Specify if the AP uses any Turbo/Super techniques used by Atheros to get higher throughputs–
Turbo, 802.11n, and SuperAG
Cisco MFP (802.11w) allows you to make classification decisions on Cisco Management Frame Protection(MFP)
capability if 802.11w checkbox is selected under Security Settings:
Any: Policy does not check for MFP; both Cisco MFP enabled and disabled APs are classified as
Authorized
Select: Policy checks for MFP
Cisco MFP Enabled: Select to classify only Cisco MFP supporting APs as Authorized APs
Cisco MFP Disabled: Select to classify non-Cisco MFP supporting APs as Authorized APs
Security Settings allows you to select the security protocol(s) for the SSID:
Any: Allow any security protocol for this SSID.
Select: Specify the exact security protocol(s) for this SSID from the list: 802.11i, WPA, Open, and WEP.
Encryption Protocols allows you to select encryption protocol(s) for the SSID:
Any: Allow any encryption protocol (including no encryption) for this SSID.
Select: Specify the exact encryption protocol(s) for this SSID from the list: WEP40, WEP104, TKIP, and
CCMP. Note that encryption protocols selection panel gets enabled only when WPA or 802.11i is selected.
Authentication Framework allows you to select authentication protocol(s) for the SSID:
Any: Allow any authentication protocol (including no authentication) for this SSID.
Select: Specify the exact authentication protocol(s) for this SSID from PSK and 802.1x (EAP). Note that
authentication protocols selection panel gets enabled only when WPA or 802.11i is selected.
Authentication Types allows you to select the allowed higher layer authentication types that Clients can use
while connecting to the SSID. Authentication types do not determine the classification of APs, but are used to raise an
event if a Client uses non-allowed authentication type. The system raises this event only if the system sees
authentication protocol handshake frames.
Any: Allow any higher layer authentication type for Clients connecting to this SSID.
Select: Specify the exact authentication type(s) that Clients can use (only if 802.1x is selected) from the
list: PEAP, EAP-TLS, LEAP, EAP-TTLS, EAP-FAST, and EAP-SIM.
Allowed Networks allows you to select the network(s) where wireless traffic on the SSID is to be mapped
through Authorized APs:
Any: Allow wireless traffic on this SSID to be mapped to any network.
Select Networks: Specify the exact networks where wireless traffic on this SSID is to be mapped through
Authorized APs. You can either choose from networks that are discovered automatically by the system or add
new networks that are not yet discovered by the system.
Click <Select Networks> to open Allowed Networks for SSID dialog where you can move a
network from Networks Monitored by the System to Allowed Networks for this SSID and add or
delete networks.
Under Allowed AP Vendors, select one of the following:
Any: Allow APs manufactured by any vendor to connect to the system.
Select Vendors: Select the manufacturer of the AP for the specified SSID.
SSID Templates