Legal Disclaimer: The resource assets in this website may include abbreviated and/or legacy terminology for HPE Aruba Networking products. See www.arubanetworks.com for current and complete HPE Aruba Networking product lines and names.
Configuration
What is the hierarchy of configuration?
HPE Aruba Networking Central allows you to configure at global, group, and device level. To configure SIEM Security Incident and Event Management (SIEM) is a server where Aruba IDPS sends the threat data to perform advanced analysis and generate reports. SIEM provides a holistic picture of the security posture by aggregating and correlating data from disparate sources in the network. on all IDPS Intrusion Detection and Prevention System (IDPS) monitors, detects, and prevents threats in the inbound and outbound traffic. Aruba IDPS provides an extra layer of protection that actively analyzes the network and takes actions on the traffic flows based on the defined rules. It inspects data packets, and if any threat is identified, acts real-time to prevent it.-supported gateways added to HPE Aruba Networking Central, at a global level, select from the filter. Device configuration is done at the group and device level. To configure all IDPS-supported gateways at a group, select the group from the filter. To configure an individual IDPS-supported gateway, select a gateway from the filter.
What are the different modes of traffic inspection available?
In , there are two modes of traffic inspection available, namely and .
What happens when the inspection mode is set to IPS?
When the inspection mode is set to , the traffic engine enforces the IPS Intrusion Prevention System. The IPS monitors a network for malicious activities such as security threats or policy violations. The main function of an IPS is to identify suspicious activity, log the information, attempt to block the activity, and report it. strict policy, which intrudes malicious traffic by dropping packets based on the rule match.
What does the ruleset version signify?
A ruleset version displays the current version of applied ruleset. It is recommended to keep the latest version for effective traffic inspection.
Can I bypass large dataflows from inspection?
Yes, you can bypass the large dataflows transfers or large dataflows using the Bypass Inspection for Large Dataflows toggle switch on the Gateway IDS Intrusion Detection System. IDS monitors a network or systems for malicious activity or policy violations and reports its findings to the management system deployed in the network./IPS configuration page. You must add the respective port number to bypass it from scanning. By default, the bypass inspection for large dataflow is disabled. For more information, see Manage Rules in IDPS Policies.
