06-23-2021 09:20 AM
Why is there no way to see L2/L3 firewall data? Given how important it is that the firewall functionality works correctly, why do you not provide any way to see traffic that the firewall is allowing or blocking? Even if you only provided this data to a 3rd party device such as via syslog or Northbound interface, it should still be something we can look at.
Please add this capability in future releases. For anyone else reading this, please chime in so that Ruckus understands the importance of providing firewall traffic visibility. I'm very tired of constantly having to spin up a wireless device to verify if traffic is being blocked correctly.
06-24-2021 07:18 AM
Firewall option in vSZ is not a traditional Firewall, it uses the ACLs on APs/WLANs and none of the data hits controller.
Since it is not a traditional firewall, insights to blocked traffic is limited to AP CLI.
Please contact your regional Ruckus System Engineer or sales team, they will help you to open a feature request behalf of you.
06-28-2021 12:12 AM
This is actually a good idea, I would say it would be usefull part of client troubleshooting, not existing yet. Most data used for analyses are got from APs, so it should be not a problem for AP reporting ACL statistics. It would be very useful to be able to check where a specific type of traffic is lost or if it is forwarded - to be able to distinguish if the Client gets a specific port blocked on the client, on AP, or somewhere after that -- on the network firewall or on the Internet. it should be an on-demand feature, as logging all traffic will be heavily hitting the performance of AP, as well as it would create a lot of traffic. Currently, you can do it using remote traffic capture with wireshark, and it is already used for DHCP monitoring, so it just needs to be expanded.
It would be good to add such feature to Ruckus Analytics too.