Hello Community,
My name is Emmanuel Katto. I am currently managing a Ruckus SmartZone deployment and am looking for guidance on configuring network segmentation and security policies effectively. Our environment consists of multiple user groups, including staff, guests, and IoT devices, and I want to ensure that each segment is isolated while still allowing necessary connectivity for operations.
Here are the specifics of my setup:
- We have multiple access points configured under a single SmartZone controller.
- Our authentication method for staff is WPA2-Enterprise, while guests are using a captive portal with a guest access VLAN.
I want to ensure that staff, guest, and IoT devices are isolated from each other to minimize security risks. I’m considering using VLANs for this but would like advice on the best practices for implementation. I also want to Implement firewall rules or access control lists (ACLs) within SmartZone to regulate the traffic between these VLANs while allowing necessary services (like guest internet access and staff email).
Questions:
- What are the recommended steps for configuring VLANs in the Ruckus SmartZone for user segmentation?
- How can I best configure SmartZone's firewall rules to restrict access between these VLANs effectively?
- Are there any reporting templates or tools built into SmartZone that can help monitor traffic across these segments?
Any guidance, documentation, or shared experiences would be greatly appreciated.
Thank you!
Emmanuel Katto
