Skip to content

v.0.9.4. Audit check for Vocera (beta), multiple new checks, and fixes

Latest
Latest
Compare
Choose a tag to compare
@jacontre-c jacontre-c released this 17 Feb 18:22
· 43 commits to master since this release
v.0.9.4
86e4cac

Features

  • Added rogue rule parsing, needed on some of the new checks
  • Added Client types table in XLS report

New Checks:

  • 240024: For Guest/webauth WLANs, it is advisable to enable Peer to Peer blocking. WLAN(s): {0}
  • 240025: For Guest/webauth WLANs, it is advisable to enable Peer to Peer blocking. WLAN(s): {0}
  • 240026: For Guest/webauth WLANs, it is to set the Policy Profile QoS to Bronze. WLAN(s)/Policy: {0}
  • 230091: It is recommended to use either radius or tacacs+ as part of the default login method"
  • 230092: Rogue detection should be configured to report on AdHoc Rogue Access Points
  • 230093: Excessive 802.11 association failures client exclusion policies should be enabled in WPS policies
  • 230094: Excessive 802.1x authentication failures client exclusion policies should be enabled in WPS policies
  • 230095: IP Theft failures client exclusion policies should be enabled in WPS policies
  • 230096: Excessive webauth authentication failures client exclusion policies should be enabled in WPS policies
  • 230097: SNMPv2 community string detected, it is advisable to move to SNMPv3 with authentication and privacy if supported by management software
  • 230098: SNMPv1 trap destination detected, it is advisable to move to SNMPv3 with authentication and privacy if supported by destination
  • 270002: Mesh full sector DFS should be enabled. Mesh profiles: {0}

Fixes

  • AireOS WLAN export shows load balancing as always enabled
  • MacOS build not generating Graph export
Assets 2
Loading