8 - 2
WiNG 5.5 Access Point System Reference Guide
8.1 Wireless Firewall
Security Configuration
A firewall enforces access control, and is considered a first line of defense in protecting proprietary information within the
access point managed network. The means by which this is accomplished varies, but in principle firewalls are mechanisms that
block and permit data traffic within the network. Firewalls implement uniquely defined access control policies, so if you do not
have an idea of what kind of access to allow or deny, a firewall is of little value, and in fact could provide a false sense of
security.
With Motorola Solutions’ access points, firewalls are configured to protect against unauthenticated logins from outside the
network. This helps prevent hackers from accessing wireless clients within the network. Well designed firewalls block traffic
from outside the network, but permit authorized users to communicate freely outside the network.
Firewalls can be implemented in both hardware and software, or a combination of both. All traffic entering or leaving the
network passes through the firewall, which examines each message and blocks those not meeting the defined security criteria
(rules).
Firewall rules define traffic permitted or denied within the network. Rules are processed by a firewall device from first to last.
When a rule matches the network traffic processed by an access point, the firewall uses that rule's action to determine whether
traffic is allowed or denied.
Rules comprise of conditions and actions. A condition describes a packet traffic stream. A condition defines constraints on the
source and destination devices, the service (for example, protocols and ports), and the incoming interface. An action describes
what should occur to packets matching set conditions. For example, if a packet stream meets all conditions, traffic is permitted,
authenticated and sent to the destination device.
Additionally, IP and MAC rule based firewall filtering can be deployed to apply firewall policies to traffic being bridged by
radios. IP and MAC filtering can be employed to permit or restrict traffic exchanged between hosts, hosts residing on separate
WLANs or hosts forwarding traffic to wired devices.
For more information, refer to the following:
•
Defining a Firewall Configuration
•
Configuring IP Firewall Rules
•
Configuring MAC Firewall Rules
8.1.1 Defining a Firewall Configuration
Wireless Firewall
To configure a firewall:
1. Select
Configuration
tab from the Web user interface.
2. Select
Security.
3. Select
Wireless Firewall
to display existing firewall policies.
The
Wireless Firewall
screen lists
Denial of Service
,
Storm Control
and
Advanced Setting
tabs used to create the single
Firewall policy used by the access point and its connected devices. The
Denial of Service
tab displays be default.
Summary of Contents for AP-7131 Series
Page 1: ...Motorola Solutions WiNG 5 5 ACCESS POINT SYSTEM REFERENCE GUIDE ...
Page 2: ......
Page 14: ...x WiNG 5 5 Access Point System Reference Guide ...
Page 22: ...8 WiNG 5 5 Access Point System Reference Guide ...
Page 26: ...1 4 WiNG 5 5 Access Point System Reference Guide ...
Page 74: ...3 36 WiNG 5 5 Access Point System Reference Guide ...
Page 428: ...6 2 WiNG 5 5 Access Point System Reference Guide Figure 6 1 Configuration Wireless menu ...
Page 528: ...6 102 WiNG 5 5 Access Point System Reference Guide ...
Page 610: ...8 40 WiNG 5 5 Access Point System Reference Guide ...
Page 615: ...Services Configuration 9 5 Figure 9 2 Captive Portal Policy screen Basic Configuration tab ...
Page 656: ...9 46 WiNG 5 5 Access Point System Reference Guide ...
Page 670: ...10 14 WiNG 5 5 Access Point System Reference Guide ...
Page 682: ...11 12 WiNG 5 5 Access Point System Reference Guide ...
Page 721: ...Operations 12 39 Figure 12 40 Certificate Management Import New Trustpoint screen ...
Page 738: ...12 56 WiNG 5 5 Access Point System Reference Guide ...
Page 890: ...A 2 WiNG 5 5 Access Point System Reference Guide ...
Page 952: ...B 62 WiNG 5 5 Access Point System Reference Guide ...
Page 953: ......