Extreme Networks

Simon_Read · ‎08-19-2015

After a potential hacking attempt I've been asked to look into reducing or disabling the coverage area of AP's after business hours.

The AP's are all on power bricks, so that rules out doing anything with the switch I guess. This is not a function I remember or can find on the Controller, but wondered if anybody had any bright ideas?

Obviously they would need to extend their coverage in the morning.

Thanks in advance.

Charlie_Altherr · ‎08-19-2015

I would do this with policy and NAC. This would assume you have both available. The policy would be a deny all or could be deny some, allow other. The NAC would have a time group and location group defined. The time group would be the off hours/days you wish to restrict or deny access. The location group would define the access points/SSIDs or combination that you want to restrict or deny. A rule would be created in the NAC that would call the deny policy when the location and time groups condition are met. This not only accomplishes your immediate goal, but allows flexibility should your goals change, such as how much restriction to impose or different restrictions for different APs or SSIDs.

Dewald_Botha1 · ‎08-19-2015

Will do. Thanks.

Drew_C · ‎08-19-2015

Can I ask you to create a new topic so the community can help you out with that?

Dewald_Botha1 · ‎08-19-2015

HI Drew,

That link will work for the interim and I will certainly use it. However for the long term the client does want guest (walk in) registration. I did see that it is totally possible with NAC - but I am finding it hard to successfully create it myself.

Extreme Networks

Is it possible to limit or kill the output from AP's after hours?

Is it possible to limit or kill the output from AP's after hours?