Profile

CommunityPlatform_1350x900.jpg

JJ Minella

Edit My Profile

My Content

1 to 20 of 28 total

RE: VLAN Pruning AP Ports

Posted By JJ Minella 04-18-2024 09:44:28 AM
Found In Egroup: Network Management \ view thread
Good point, thanks Chuck! Also Aruba does some weird crap when it comes to load balancing that traffic (specifically tunnels/Aps). I don't know if the same weirdness occurs in Gateways as Controllers, but if you see something bizarre that doesn't make sense, definitely ask, but it may be by design. ...

Major bugs in PuTTY, Palo Alto major vuln with new guidance

Posted By JJ Minella 04-18-2024 09:15:00 AM
Found In Egroup: Wireless Local Area Networking \ view thread
I imagine most of us use PuTTY, so sharing this along with a quick update on this week's new Palo Alto vulnerability – which is pretty bad. They've changed their mitigation guidance. PuTTY vulnerability impacts private keys CVE-2024-31497 in PuTTY versions 0.68 through 0.80 TL:DR Can allow attackers ...

RE: VLAN Pruning AP Ports

Posted By JJ Minella 04-18-2024 08:51:55 AM
Found In Egroup: Network Management \ view thread
Hi Brandon! Here are a few options to consider, loosely in the order I'd recommend based on the limited info. Tunnel the AP client traffic. With Aruba Central you can keep the management/control in the cloud and use an Aruba appliance in Gateway mode as a tunnel termination device on-prem (virtual ...

Looking for HPE MSM765 Wireless Controller Support Attachments

Posted By JJ Minella 12-20-2023 07:40:20 AM
Found In Library: Wireless Local Area Networking

RE: Looking for HPE MSM765 Wireless Controller Support

Posted By JJ Minella 12-20-2023 07:40:00 AM
Found In Egroup: Wireless Local Area Networking \ view thread
Tom- see attached! I found a few docs. This is one. See Module 8 "Teaming". For others please email me directly – I won't send further emails to the group thread but I don't see your email address to send it directly. -jj HOLIDAY SHOPPING? Give the gift of ...

RE: Looking for HPE MSM765 Wireless Controller Support

Posted By JJ Minella 12-20-2023 07:06:58 AM
Found In Egroup: Wireless Local Area Networking \ view thread
Hi Tom! RE: MSMs. I used to be MASE (master ASE) certified on that platform, and managed many, many deployments. It has been a looonnng time so I'm marginally useful. If no one replies let me know and I'll see if I can help or snag a prior HP/MSM/Colubris engineer. Oddly with timing, I'm wrapping up ...

RE: Wireless Tools

Posted By JJ Minella 12-01-2023 07:26:52 AM
Found In Egroup: Wireless Local Area Networking \ view thread
Hamina heard that loud and clear and does their licensing very differently. And because it's web-based there aren't crazy dongles and keys and anyone you want to share the design with can view and even comment/interact with it via web browser. HOLIDAY SHOPPING? Give the gift of secure Wi-Fi ...

RE: Wireless Tools

Posted By JJ Minella 11-05-2023 08:51:47 AM
Found In Egroup: Wireless Local Area Networking \ view thread
Hi Cameron, That's a great question and the market/tools available are in a major state of flux with new vendors entering and growing the portfolio. There are a few different types of tools and different manufacturers excel at different tool types. Here's my view of it currently and love for others ...

RE: WPA3 and Aruba

Posted By JJ Minella 03-03-2023 08:57:56 AM
Found In Egroup: Wireless Local Area Networking \ view thread
I always love Dan's insights. I think it's fair to say if they're doing a WPA2 downgrade attack to execute this feature, I already have my own very strong opinions about it. LOL �� That's a hard "no" for me. _____________________ Jennifer Minella, CISSP Founder, Principal Advisor- Security ...

RE: WPA3 and Aruba

Posted By JJ Minella 02-28-2023 06:32:00 PM
Found In Egroup: Wireless Local Area Networking \ view thread
Seth, what I just heard today (on the WLPC follow up webinar I did with Wes and JD) is that there is "a vendor" who is doing MPSK on WPA3, and that deployment uses a downgrade attack to force the client to WPA2 briefly. We didn't have time to get into the details, and I don't know if that is Ruckus ...

RE: An open letter to vendors and manufacturers:

Posted By JJ Minella 02-28-2023 08:21:36 AM
Found In Egroup: Network Management \ view thread
Amen my friend! I get frustrated watching that from the outside and I know from clients how infuriating it is for them. And you're right. Some are worse than others, but I can only think of 2 vendors I've worked with in 30 years that didn't do that SOMEHOW, SOMEWHERE. Maybe not your account, or your ...

RE: WPA3 and Aruba

Posted By JJ Minella 02-27-2023 08:37:55 AM
Found In Egroup: Wireless Local Area Networking \ view thread
I think images come through on here. This is the original twitter thread at WLPC we had right after James and I shared lab findings to the whole group. TL:DR version is that- for Apple devices, those with OS June 2018 or older likely will not support it and may fail with Transition Mode. Those released ...

RE: WPA3 and Aruba

Posted By JJ Minella 02-24-2023 09:34:54 AM
Found In Egroup: Wireless Local Area Networking \ view thread
The hands-on lab at WLPC used one vendor. However, I have access to multiple vendors and products in labs and have opened dialog with multiple professionals from different vendors and those writing and using different testing tools and we're all seeing the same thing. In the WLPC lab, we had participation ...

RE: WPA3 and Aruba

Posted By JJ Minella 02-24-2023 09:16:02 AM
Found In Egroup: Wireless Local Area Networking \ view thread
Also, even though I just wrote a book on Wi-Fi security including WPA3, and my technical editor was the lead of the WFA Security Group, there are still things that are a mystery to me. ¯\_(ツ)_/¯ Next Tuesday 2/28 I'm doing a webinar with Wes Purvis and Jonathan Davis (other speakers from WLPC) – we're ...

RE: WPA3 and Aruba

Posted By JJ Minella 02-24-2023 08:27:59 AM
Found In Egroup: Wireless Local Area Networking \ view thread
Mike- I don't have a list, but we are (as a community) working on something to build a tool set within WLAN Pi and a place to host a central repository of that. I made the request but people smarter than I are working on those scripts now I think. �� Here's what I do know from my testing and our labs ...

RE: WPA3 and Aruba

Posted By JJ Minella 02-24-2023 07:49:28 AM
Found In Egroup: Wireless Local Area Networking \ view thread
Hi Brady! I don't know if you're referring to one of my sessions during WLPC but either way I think I can clarify that messaging. Short Version: Transition Mode (and WPA3 Only) are more troublesome and impactful for Passphrase based networks (vs. Enterprise class 802.1X-secured). Longer Version: ...

WPA3 and Aruba Attachments

Posted By JJ Minella 02-24-2023 07:49:27 AM
Found In Library: Wireless Local Area Networking

RE: 802.1x Prompting Wireless Architecture Questions

Posted By JJ Minella 09-23-2022 08:25:48 AM
Found In Egroup: Wireless Local Area Networking \ view thread
Hunter, you're totally right! Sorry for the confusion. The first comment (staying off the soapbox) was in response to the original thread and was about wired, then in the second reply I had a blonde moment (or multitask failure typing while on a call) and just tangled up everything into one (incorrect) ...

RE: 802.1x Prompting Wireless Architecture Questions

Posted By JJ Minella 09-22-2022 07:52:27 AM
Found In Egroup: Wireless Local Area Networking \ view thread
Chuck – Yes. Yes it did (take a while). LOL. But I learn so much from you guys here I try to reciprocate and add value when those opportunities arise! I've spent 18 years with 802.1X in hundreds of organizations (and embarrassingly I've read every version of the full 1X standard revisions) so I thought ...

RE: 802.1x Prompting Wireless Architecture Questions

Posted By JJ Minella 09-21-2022 05:18:25 PM
Found In Egroup: Wireless Local Area Networking \ view thread
Oh wow this is long. Ugg sorry. Misc. stuff on 1X and then Zero Trust at the bottom... RE: Question of what is 1X "validate server cert doing?": Hunter it's validating the RADIUS server by hostname. RE: FYI "Do not validate cert" options will be dissolving with WPA3; it allows strict/limited ...