Articles in this section

XMS Cloud - Configuring a Layer 7 Application Control Policy

Harry Drewett
  • Updated
Follow

 

Purpose

The purpose of this guide is to configure a non-EasyPass Guest Access Portal with a Guest Wi-Fi SSID, and deploy this configuration to Xirrus and Cambium XV APs in Cambium XMS Cloud. 

Pre-Requisites:

  • The user must already have an XMS account.
  • The user must already have a Xirrus or Cambium XV Enterprise AP onboarded to their XMS account.

Step 1:

Log in to XMS cloud using your admin credentials. Upon login success, the My Network screen will be shown.

mceclip0.png

 

Step 2:

At the top of the page, select Profiles and open your network profile. 

1.PNG

 

Step 3:

Within your network profile, select the Policies icon. In the Policies page, there are options for Global, SSID, User Group, and Device policies.

In this example, we will be creating a Global Policy and an SSID PolicyGlobal Policies are applied to the Cambium/Xirrus WLAN as a whole, for all SSIDs and users, whereas SSID Policies only apply to specific SSIDs. 

To create a Global Policy select the Add Rule button from the Global Policy section. 

1.PNG

After clicking Add a Rule the policy wizard will open on the Firewall/ACL page. Select the Application Control icon to begin creating your Layer 7 Application Control Global Policy.

3.PNG

From the Category/Application drop-down menu, select the application you are intending to block or permit. In this example, we will be creating a policy that blocks BitTorrent throughout the WLAN. 

4.PNG

After selecting the Category/Application, you can choose to enable the rule, block or permit the application, and use auto-name to name the policy. After selecting these options, click the Create Rule button to finish. 

5.PNG

 

Step 4:

To create an SSID Policy first select the mceclip0.pngicon from the SSID Policy section of the Policies page. 

6.PNG

The SSID selection wizard will open. Select your SSID that you will be applying the policy to from the drop-down menu and click Create Policy to continue.

7.PNG

After clicking Create Policy the wizard will close and you will be taken back to the Policies page. In the SSID Policy section, click the Add a Rule button to begin creating your application control rule.

8.PNG

After clicking Add a Rule the policy wizard will open on the Firewall/ACL page. Select the Application Control icon to begin creating your Layer 7 Application Control SSID Policy.

3.PNG

From the Category/Application drop-down menu, select the application you are intending to block or permit. In this example, we will be creating a rule that blocks the Netfilx Site on this SSID. 

4.PNG

After selecting the Category/Application, you can choose to enable the rule, block or permit the application, and use auto-name to name the policy. After selecting these options, click the Create Rule button to finish. 

9.PNG

Repeat the process to create additional rules - in this example, we have created another rule that blocks the Netflix Video Stream application on this SSID in addition to the previous Netflix Site block rule. 

10.PNG

 

Step 5:

After creating your Global and SSID Policies, save your configuration by clicking the Save Configuration button, and deploy the configuration to the APs in the network profile by clicking the Push Now button from the configuration push pop-up. 

11.PNG

 

 

 

Related articles

Comments

0 comments

Please sign in to leave a comment.