Bridge GUI Guide: Security Configuration
122
NOTE:
The cur-
rent
Cleartext
traf-
fic setting is shown in
the upper left of all
Bridge GUI screens (re-
fer to Section 5.1).
Encrypted-interface cleartext traffic must be enabled to support
AP management rules on the Bridge and Trusted Device
access to the Bridge’s encrypted zone. In FIPS terminology,
when clear text is enabled on the Bridge’s encrypted
interfaces, the Bridge is in
FIPS Bypass Mode
.
Disabling cleartext traffic on encrypted interfaces after AP
management rules or Trusted Devices have been configured
will not remove them from the configuration. Because these
devices cannot decrypt encrypted traffic, however, the Bridge
will not be able to communicate directly with them until
cleartext traffic is permitted on encrypted interfaces. 802.1X
devices will likewise be unable to access the Bridge-secured
network when cleartext traffic on encrypted interfaces is
blocked.
You can enable/disable cleartext traffic only in Advanced View.
4.1.11
Encrypted Interface Management Access
By enabling or disabling
Encrypted Interface Management
, you
can control whether or not the Bridge’s management interface
can be accessed on interfaces enabled for Fortress Security
(refer to sections 3.3.4.13 and 3.7.4 for wireless and Ethernet
interfaces, respectively).
Encrypted Interface Management
applies to any connection to
an encrypted interface on the current Bridge:
local Fortress Secure Client connections
connections through a remote Fortress controller device
bridging links between networked Fortress Bridges
authorized clear devices when
Guest Management
is
Enabled
(Section 4.1.12, below)
Encrypted Interface Management
is
Enabled
by default.
If
Encrypted Interface Management
is
Disabled
, you will be able
to manage the Bridge only through a clear interface (or through
the serial Console port).
You can enable/disable
Encrypted Interface Management
only in
Advanced View.
4.1.12
Guest Management
You can control whether or not the Bridge’s management
interface can be accessed by authorized cleartext devices
(Section 4.5.3) on encrypted interfaces on the Bridge by
enabling or disabling
Guest Management
.
Guest Management
is
Disabled
by default, and
Trusted Devices
are not allowed to access the Bridge’s management interface.
The
Encrypted Interface Management
above) overrules
Guest Management
. When
Encrypted Interface
Management
is
Disabled
, no management access is permitted