How to protect your network devices using Nebula Switches?
Users have received alerts indicating unfamiliar devices attempting to access their network equipment. This includes their Nebula switches.
Creating firewall policies have safeguarded their router; however, the Nebula switches still encounters attempted HTTP/FTP access. This is because network switches are usually located under gateways/routers/firewalls. This makes switches more accessible than most devices.
Users who are not familiar with setting a management VLAN can use the Nebula switch's IP Filtering to protect their network devices by black-listing devices attempting to access their network equipment.
SETUP/STEP BY STEP PROCEDURE:
1. Set static IP addresses for your network equipment. This includes the administrator's PC/laptop/notebooks.
2. Sign-in to Nebula CC and go to SWITCH > Configure > IP Filtering.
3. Create IP Filtering rules:
Policy [ Deny ]
Protocol [ Any ]
Source [ IP address of device attempting access ]
Src Port [ Any ]
Destination [ IP address of network equipment(s) ]
Dst Port [ Any ]
VLAN [ Any ]
4. Make sure the Enabled box is checked and Save settings.
1. Connect a device set with the IP address of the device attempting access.
2. Device should not be able to access HTTP//HTTPS/FTP/SSH/Telnet/SNMP of network equipment(s).