I would like to know if there is a way to isolate all guest devices connected through cable to H510 ethernet ports (LAN1 - LAN4) in the same way as it can be configured for WLAN (by Wireless Client Isolation / Isolation Whitelist) ? I want to ensure that all wired devices connected to ap A are unable to communicate with wired devices connected to ap B, when all ethernet ports on ap A and ap B are in the same VLAN. Is it even possible?
I'm not sure on Ruckus WAPs itself, but a standard security practice in hospitality is to isolate L2 on your switches. That means that you do not allow your switch ports that have WAPs to talk to each other, only allowing it to talk to uplinks or Gateway.
This concept of port isolation is also known as Private VLAN. Most major switch manufacturers (HP/Aruba, Cisco, Brocade I know do for sure) support this functionality on managed switches.
Thank you for response. I know the standard security practice to isolate L2 using Private VLAN and also port protection as in Brocade or other 'big' vendors. But in our deploymnet we have 3rd vendor small access switches, where the APs are connected to. These switches doesn't support PVLAN or port protection. This is why I'm asking for isolation on ZF H510.