Security Common Objects

Read about security common objects in this topic.

Security Common Objects

Security objects include protocols that protect network resources from unauthorized client access. Objects also can block certain traffic types from the network. Security objects include captive web portal, IP and MAC firewall policies, traffic filters, and WIPS (wireless intrusion prevention system) policies.

IP Firewall Policies:

"IP Firewall Policies"

"IP Firewall Policies"

MAC Firewall Policies

"MAC Firewall Policies"

"MAC Firewall Policies"

"MAC Firewall Rules"

Traffic Filters

"Traffic Filters"

Workflow Reference

"Traffic Filters"

WIPS Policies

Workflow reference

"WIPS"

Security Objects Description Summary

IP Firewall Policies: You can add, modify, and delete IP Firewall policies including permitting or dropping network services and applications between stations. IP firewall policies are applied on Extreme Networks APs and wired clients connected to SR2024, SR2024P, SR2124P, and SR2148P. Extreme Networks SR Series switches. By extending IP firewall support to the switches, Extreme Networks allows you to define an IP firewall policy that is independent of wireless or wired access to your network. The IP firewall is configured in Layer 3 for APs and in Layer 2 for switches.

MAC Firewall Policies: You can add, modify, and delete MAC firewall policies including permitting or dropping network services and applications between stations. MAC Firewall policies are applied on Extreme Networks APs and applied within user profiles. A MAC firewall policy allows you to deny traffic to or from specific MAC addresses.

Traffic Filters: You can add, modify, and delete traffic filter objects. The traffic filter allows you to configure settings for which types of management traffic you want to allow to the mgt0 interfaces on Extreme Networks devices through their Ethernet access interfaces and Ethernet and wireless backhaul interfaces. Management traffic can include which diagnostic services a device is permitted to receive. Examples include SSH, SNMP, Telnet, and ping traffic.

WIPS Policies: You can add, modify, and delete WIPs policy (wireless intrusion prevention system) objects. This includes selecting MAC OUIs of wireless devices that are permitted in the WLAN, and enabling the detection of unauthorized access points in the area surrounding the device.