Extreme Networks Altitude 4700 Series Product Reference Manual page 151

NOTE
If 802.11a/n is selected as the radio used for the WLAN, the WLAN cannot use a Kerberos supported
security policy.
4 Configure the Security field as required to set the data protection requirements for the WLAN.
NOTE
A WLAN configured to support Mesh should not have a Kerberos or 802.1x EAP security policy defined
for it, as these two authentication schemes are not supported within a Mesh network.
Security Policy
MU Access Control Select an ACL policy suiting the WLAN's MU
Kerberos User
Name
Kerberos Password Enter a Kerberos password if Kerberos has been selected
5 Configure the Advanced field as required to set MU interoperability permissions, secure beacon
transmissions, broadcast ESSID acceptance and Quality of Service (QoS) policies.
Disallow MU to MU
Communication
Use Secure
Beacon
Accept Broadcast
ESSID
Altitude 4700 Series Access Point Product Reference Guide
Use the scroll down Security Policies menu to select the
security scheme best suited for the new or revised WLAN.
Click the Create button to jump to the New Security Policy
screen where a new policy can be created to suit the
needs of the WLAN. For more information, see
"Configuring WLAN Security Policies" on page 152
interoperability requirements from the drop-down menu. If
the existing ACL policies do not satisfy the requirements of
the WLAN, a new ACL policy can be created by pressing
the Create button. For more information, see
a WLAN Access Control List (ACL)" on page
Displays the read-only Kerberos User Name used to
associate the wireless client. This value is the ESSID of
the Access Point.
as the security scheme from within the Security Policies
field. The field is grayed out if Kerberos has not been
selected for the WLAN. For information on configuring
Kerberos,
The MU-MU Disallow feature prohibits MUs from
communicating with each other even if they are on
different WLANs, assuming one of the WLAN's is
configured to disallow MU-MU communication. Therefore,
if an MU's WLAN is configured for MU-MU disallow, it will
not be able to communicate with any other MUs connected
to this Access Point.
Select the Use Secure Beacon checkbox to not transmit
the Access Point's ESSID. If a hacker tries to find an
ESSID via an MU, the ESSID does not display since the
ESSID is not in the beacon. Extreme Networks
recommends keeping the option enabled to reduce the
likelihood of hacking into the WLAN.
Select the Accept Broadcast ESSID checkbox to associate
an MU that has a blank ESSID (regardless of which
ESSID the Access Point is currently using). Sites with
heightened security requirements may want to leave the
checkbox unselected and configure each MU with an
ESSID. The default is selected.
.
"Configuring
153.
151