Threat Management Map?

2023-07-14 22:22:44 - last edited 2023-08-15 01:48:43
Model: OC200  
Hardware Version: V2
Firmware Version: 5.11

Anyone used this Threat Management Map? I went to the site to grab an API for it, you got to sign up and it wants a credit card. Anyone used it, got screen shots of what it looks like/does fully etc?

 

 

#1
2 Accepted Solutions
Re:Threat Management Map?-Solution
2023-08-15 01:48:37 - last edited 2023-08-15 01:48:43

Hello @RBL,

 

After confirming with the engineer support team, this feature requires the Omada devices to upgrade their firmware to support it.

Please keep an eye on our official website or this post for any updates on the firmware release.

If you have any further questions or concerns, please feel free to ask. Thank you!

Best Regards!
Recommended Solution
#7
Re:Threat Management Map?-Solution
2023-12-26 14:19:00 - last edited 2023-12-27 00:55:36

  @Hank21 
Reply from support engineer:

Just got the conclusion: this issue is a known issue in the trial firmware ER707-M2 V1_1.1.1 Build 20230927, and it has been fixed in the formal version firmware, which has not been released yet.

The formal firmware is expected to be released in the next few days; you can wait for the formal release.

Recommended Solution
#19
22 Reply
Re:Threat Management Map?
2023-07-15 09:50:29

  @MrHC1983 

You shouldn't need a credit card to sign up for the free dev a/c.

It doesn't seem to do much (yet) but presumably gives a map showing where IPs of attempted intrusions originate from.

#2
Re:Threat Management Map?
2023-07-15 11:22:36 - last edited 2023-08-14 10:12:31

  @MrHC1983 Ubiquiti has this feature and it's fully functional. I assume TP-Link is headed in the same general direction. On Ubiquiti it shows where threats originated, how much data has transferred, and lets you selectively block communication for incoming, outgoing or both selectively by origination.

 

If they can match that functionality successfully it would be a very nice addition because I have used it extensively.

#3
Re:Threat Management Map?
2023-08-11 14:31:49 - last edited 2023-08-11 14:45:42

Interesting, maybe @Fae or @Hank21 is able to tell us some more as I saw this too, but it does seem to do anything... Is there a device which already supports it?

#4
Re:Threat Management Map?
2023-08-14 05:37:11

Hello @RBL,

 

This map function has been added on the Omada Hardware Controller v5.9.32, you need to enter the Mapbox API Access Token with the default public token scopes to use the function. Divided into Site Map and Device Map, you can set the latitude and longitude for each site and each device.

Please confirm the firmware version of your OC200 is the latest one.

Best Regards!
#5
Re:Threat Management Map?
2023-08-14 06:59:52 - last edited 2023-08-14 07:15:41

Hank21 wrote

Hello @RBL,

 

This map function has been added on the Omada Hardware Controller v5.9.32, you need to enter the Mapbox API Access Token with the default public token scopes to use the function. Divided into Site Map and Device Map, you can set the latitude and longitude for each site and each device.

Please confirm the firmware version of your OC200 is the latest one.

  @Hank21 

 

Thanks for your swift reply. I am currently running the following devices, all devices are running the same version:

 

Model:  Firmware Version:
OC200 1.0 1.25.2 Build 20230704 Rel.64541
TL-R605 v1.0 1.3.0 Build 20230511 Rel.51317
TL-SG2218 v1.0 1.1.8 Build 20230602 Rel.73473
TL-SG2210P v3.20 3.20.9 Build 20230602 Rel.73473
EAP245(EU) v3.0 5.1.0 Build 20230104 Rel. 79433
EAP225-Outdoor(EU) v1.0 5.1.0 Build 20220926 Rel. 62456

 

The Mapbox API Access Token has been entered, but there is no traffic or whatever. I am probably doing something wrong, but it remains empty:

Edit: typo

#6
Re:Threat Management Map?
2023-08-15 08:40:38

Hello @Hank21 Thank you, according to the link, I assume it is only the router which needs to have an update. Thanks. We are eagerly waiting for the update.

#8
Re:Threat Management Map?
2023-12-13 13:00:36

@Hank21 as I couldn't resist trying the new Threat Management Map, I bought a new ER-707-M2 v1.0 and instantly updated the firmware with the latest beta. Inserted the API key. And although I see some traffic from malicious endpoints to one of my webservers, I see nothing on the map:



But I do have some anomalies in my Threat Management List:

And the details of one of those:


Apparently it is not doing a geo lookup as it also does not show the location.

Just tried several pentesting tools to my IP, but these do not show up either.

What am I doing wrong?

#9
Re:Threat Management Map?
2023-12-14 09:37:45 - last edited 2023-12-22 02:38:10

Hi @RBL

 

After confirming with the support engineer, there is nothing on the map because there is no geolocation information in the generated logs.
And here is the possible reason for the absence of geolocation information in the logs:

 

The GEO Enforcer option is not enabled on the IPS configuration page.

 

Best Regards!
#10
Re:Threat Management Map?
2023-12-14 10:19:23

  @Hank21 thanks for your swift reply, you mean this setting:


This setting was already enabled. If I check the site map, via the controller overview, I see the following:


But still nothing on the Threat Management Map, is there something else I need to/can do?

Currently I have the following devices:
1x OC200 1.0 (1.28.1 Build 20231117 Rel.58466)
1x ER707-M2 v1.0 (1.1.1 Build 20230927 Rel.35167)
1x TL-SG2218 v1.0 (1.1.8 Build 20230602 Rel.73473)
3x TL-SG2210P v3.20 (3.20.9 Build 20230602 Rel.73473)
3x EAP245(EU) v3.0 (5.1.0 Build 20230104 Rel. 79433)
2x EAP225-Outdoor(EU) v1.0 (5.1.1 Build 20230921 Rel. 63318)

 

#11