Enforcing Allow List for a Policy

To enforce and apply Allow List rules for a policy, complete the following steps:

  1. In the WebUI, select one of the following options:
    • To configure a Branch Gateway group, complete the following steps:
      1. Set the filter to a group containing at least one Branch Gateway.
        The dashboard context for a group is displayed.
      2. Click Gateways.
      3. Click the Config icon to view the Branch Gateway group configuration dashboard.
    • To configure a Branch Gateway, complete the following steps:
      1. Set the filter to Global or a group containing at least one Branch Gateway.
      2. Under Manage, click Devices > Gateways.
        A list of gateways is displayed in the List view.
      3. Click a gateway under Device Name.
        The dashboard context for the gateway is displayed.

      The HPE Aruba Networking gateway (independent or part of a group) that you want to configure must support Gateway IDS/IPS.

  2. Under Manage, click Security > Gateway IDS/IPS.
  3. Click the Config icon to open the Gateway IDS/IPS configuration page.
  4. Click the Policies tab.

    A consolidated list of policies is displayed in the Policies table with the following details:

    Table 1: Policies Panel

    Data Pane Content

    Description

    Name

    Displays the name of the policy.

    State

    Displays the policy state. Enable the toggle to activate a policy. You can enable one policy at a time. Enabling a new policy will disable the currently enabled policy. A policy takes few minutes to enforce.

    Mode

    Displays the mode of the policy:

    IDS Intrusion Detection System. IDS monitors a network or systems for malicious activity or policy violations and reports its findings to the management system deployed in the network.: Signifies Intrusion Detection System.

    IPS Intrusion Prevention System. The IPS monitors a network for malicious activities such as security threats or policy violations. The main function of an IPS is to identify suspicious activity, log the information, attempt to block the activity, and report it. : Signifies Intrusion Prevention System.

    User Profile

    Displays the sensitivity of the user profile on which the policy is based.

    Security Strategy

    Displays the security level of the policy.

    Action

    The action taken to handle the threat.