8 - 2
WiNG 5 Access Point System Reference Guide
8.1 Wireless Firewall
A Firewall is a mechanism enforcing access control, and is considered a first line of defense in protecting proprietary
information within the wireless network. The means by which this is accomplished varies, but in principle, a Firewall
can be thought of as mechanisms both blocking and permitting data traffic within the wireless network. Firewalls
implement uniquely defined access control policies, so if you don't have an idea of what kind of access to allow or
deny, a Firewall is of little value, and in fact could provide a false sense of security.
With Motorola Solutions’ access points, Firewalls are configured to protect against unauthenticated logins from
outside the wireless network. This helps prevent hackers from accessing wireless clients within the access point
managed network. Well designed Firewalls block traffic from outside the network, but permit authorized users to
communicate freely outside the network.
Firewalls can be implemented in both hardware and software, or a combination of both. All messages entering or
leaving the wireless network pass through the Firewall, which examines each message and blocks those not meeting
the defined security criteria (rules).
Firewall rules define traffic permitted or denied within the wireless network. Rules are processed by a Firewall device
from first to last. When a rule matches the network traffic an access point is processing, the Firewall uses that rule's
action to determine whether traffic is allowed or denied.
Rules comprise conditions and actions. A condition describes a packet traffic stream. Define constraints on the source
and destination device, the service (for example, protocols and ports), and the incoming interface. An action describes
what should occur to packets matching set conditions. For example, if the packet stream meets all conditions, traffic
is permitted, authenticated and sent to the destination device.
Additionally, IP and MAC rule based Firewall filtering can be deployed to apply Firewall policies to traffic being
bridged by radios. IP and MAC filtering can be employed to permit or restrict traffic exchanged between hosts, hosts
residing on separate WLANs or hosts forwarding traffic to wired devices.
For more information, refer to the following:
•
Defining a Firewall Configuration
•
•
Configuring MAC Firewall Rules
8.1.1 Defining a Firewall Configuration
To configure a Firewall:
1. Select
Configuration
>
Security
>
Wireless Firewall
to display existing Firewall policies.
The
Wireless Firewall
screen lists
Denial of Service
,
Storm Control
and
Advanced Setting
tabs used to create
the single Firewall policy used by the access point and its connected devices. The Denial of Service tab displays
be default.
Содержание WiNG 5
Страница 1: ...Motorola Solutions WiNG 5 Access Point System Reference Guide ...
Страница 2: ......
Страница 10: ...viii WiNG 5 Access Point System Reference Guide ...
Страница 16: ...1 4 WiNG 5 Access Point System Reference Guide ...
Страница 28: ...2 12 WiNG 5 Access Point System Reference Guide ...
Страница 48: ...3 20 WiNG 5 Access Point System Reference Guide ...
Страница 197: ...Device Configuration 5 137 Figure 5 78 Profile Management Settings screen ...
Страница 335: ...Device Configuration 5 275 Figure 5 155 Profile Overrides Management Settings screen ...
Страница 348: ...5 288 WiNG 5 Access Point System Reference Guide ...
Страница 350: ...6 2 WiNG 5 Access Point System Reference Guide Figure 6 1 Configuration Wireless ...
Страница 448: ...6 100 WiNG 5 Access Point System Reference Guide ...
Страница 492: ...8 32 WiNG 5 Access Point System Reference Guide ...
Страница 538: ...9 46 WiNG 5 Access Point System Reference Guide ...
Страница 564: ...11 10 WiNG 5 Access Point System Reference Guide ...
Страница 606: ...12 42 WiNG 5 Access Point System Reference Guide ...
Страница 732: ...13 126WiNG 5 Access Point System Reference Guide Figure 13 67 Access Point Certificate Trustpoint screen ...
Страница 762: ...A 2 WiNG 5 Access Point System Reference Guide ...
Страница 801: ......