Legal Disclaimer: The resource assets in this website may include abbreviated and/or legacy terminology for HPE Aruba Networking products. See www.arubanetworks.com for current and complete HPE Aruba Networking product lines and names.
Troubleshooting
You can enable the IDPS Intrusion Detection and Prevention System (IDPS) monitors, detects, and prevents threats in the inbound and outbound traffic. Aruba IDPS provides an extra layer of protection that actively analyzes the network and takes actions on the traffic flows based on the defined rules. It inspects data packets, and if any threat is identified, acts real-time to prevent it. engine to capture malicious data packets to analyze the root cause and troubleshoot.
Before You Begin
Prerequisite:
- You must have an active gateway subscription with Security license.
- You must have successfully on-boarded and connected the Branch Gateways to HPE Aruba Networking Central.
To troubleshoot Gateway IDS/IPS, complete the following steps:
- In the WebUI, complete one of the following steps:
-
To select a gateway group:
-
In the HPE Aruba Networking Central app, set the filter to a group that contains at least one Branch Gateway.
The dashboard context for a group is displayed.
-
Under
, click > .A list of gateways is displayed in the List view.
-
Click
.The configuration page is displayed for the selected group.
-
-
To select a gateway:
-
In the HPE Aruba Networking Central app, set the filter to Global or a group that contains at least one Branch Gateway.
-
Under
, click > .A list of gateways is displayed in the List view.
-
Click a gateway under
.The dashboard context for the gateway is displayed.
-
Under
, click .The gateway device configuration page is displayed.
-
- Under , click > .
- Click the IDS Intrusion Detection System. IDS monitors a network or systems for malicious activity or policy violations and reports its findings to the management system deployed in the network./IPS Intrusion Prevention System. The IPS monitors a network for malicious activities such as security threats or policy violations. The main function of an IPS is to identify suspicious activity, log the information, attempt to block the activity, and report it. configuration page. icon to open the Gateway
- In the tab, select the check box.
- Click Save.
The HPE Aruba Networking gateway (independent or part of a group) that you want to configure must support Gateway IDS/IPS.
After enabling traffic inspection:
- A dialog pops up. The refresh button allows you to extend large packet capture for another 10 minutes. By default, the traffic inspection configuration is disabled after being active for 10 minutes. If you wish to extend the configuration, click the refresh button.
- The HPE Aruba Networking 9004 Branch Gateway starts sending threat data to HPE Aruba Networking Central. By default, only 256 bytes of data are sent to HPE Aruba Networking Central. However, if you enable traffic inspection, up to 4096 bytes of data in the packet are sent to HPE Aruba Networking Central.