Intrusion Detection and Other Security Configuration Need to Consider in OMADA SDN

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Intrusion Detection and Other Security Configuration Need to Consider in OMADA SDN

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Intrusion Detection and Other Security Configuration Need to Consider in OMADA SDN
Intrusion Detection and Other Security Configuration Need to Consider in OMADA SDN
2020-11-02 19:41:15
Model: OC200  
Hardware Version: V4
Firmware Version: 1.7.0 Build 20200703 Rel.59609

I have Total 14 225EAP outdoor on mesh setup with OMADA SDN OC200 Controller with unmanaged switch TPLINK TP-TL1008MP configuration mixed with CPE510.

Those remotely deployed EAP in our community are powered by their package POE Adaptor. I have a mixed operational setup requirements as follows.

1. 1 225EAP outdoor wireless connection to other EAP225 outdoor were the first eap225 allowed to connect another router on poe port.

2. End-user authorize to use repeater wirelessly connected to eap225 voucher authentication (configure single voucher authentication per device).

3. Restrict other 225EAP POE adaptor lan port.

 

In scenario 1 requirement, what is the way to control bandwidth and ways to identify if other eap in mesh not connected by another router similar configuration for item 1. since only one eap which connected via wireless allowed to extend or redistribute wifi on their place using other router to link via wired to poe lan port of mesh eap225.

 

In scenario 2, how I can restrict other devices (no voucher) that are also connected to the repeater of one user with a single voucher authorize. What happen here instead of multiple voucher to sale some other user with repeater and their device connected to it can authorize link of repeater to eap225 outdoor and the rest of family member in household can share a single repeter connected with single voucher only. is there's a way to block non voucher devices? but challenges they are not visible to your omada sdn system? (I manage to discover using other tools to scan those device hook up in looks like single device seen in omada).

 

In scenario 3 what is the customize security configuration to EAP to block specific lan port of  chosen POE where centralize configuration still in effect in this selected EAP225 outdoor aside to its special blocking configuration for its own POE LAN Port.

 

Appreciate if someone can share their experience and solution to my concern related to security and suggest some other tools to help omada sdn for similar intrusion detection features or equivalent capacity.

  0      
  0      
#1
Options