Threat Management Map?
Anyone used this Threat Managemant Map? I went to the site to grab an API for it, you got to sign up and it wants a credit card. Anyone used it, got screen shots of what it looks like/does fully etc?
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hello @RBL,
After confirming with the engineer support team, this feature needs the Omada devices to upgrade the firmware to adapt with.
Please keep an eye on our official website or this post for any updates on the firmware release.
If you have any further questions or concerns, please feel free to ask. Thank you!
- Copy Link
- Report Inappropriate Content
@Hank21
Reply from support engineer:
Just got the conclusion, this issue is a known issue in the trial firmware ER707-M2 V1_1.1.1 Build 20230927, and it has been fixed in the formal version firmware, which has not released yet.
The formal firmware is expected to be released in the next few days, you can wait for the formal release.
- Copy Link
- Report Inappropriate Content
You shouldn't need a credit card to sign up for the free dev a/c
it doesn't seem to do much (yet) but presumably gives a map showing where IPs of attempted intrusions originate from
- Copy Link
- Report Inappropriate Content
@MrHC1983 Ubiquiti has this feature and its fully functional. I assume TP-Link is headed in the same general direction. On Ubiquiti it shows where threats originated, how much data has transferred, and lets you selectively block communication for incoming, outgoing or both selectively by origination.
If they can match that functionality successfully it would be a very nice addition because I have used it extensively.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Hello @RBL,
This map function has been added on the Omada Hardware Controller v5.9.32, you need to enter the Mapbox API Access Token with the default public token scopes to use the function. Divided into Site Map and Device Map, you can set the latitude and longitude for each site and each device.
Please confirm the firmware version of your OC200 is the latest one.
- Copy Link
- Report Inappropriate Content
Hank21 wrote
Hello @RBL,
This map function has been added on the Omada Hardware Controller v5.9.32, you need to enter the Mapbox API Access Token with the default public token scopes to use the function. Divided into Site Map and Device Map, you can set the latitude and longitude for each site and each device.
Please confirm the firmware version of your OC200 is the latest one.
Thanks for your swift reply, I am currently running the follow devices, all devices are running the same version:
Model
Model: | Firmware Version: |
OC200 1.0 | 1.25.2 Build 20230704 Rel.64541 |
TL-R605 v1.0 |
1.3.0 Build 20230511 Rel.51317 |
TL-SG2218 v1.0 | 1.1.8 Build 20230602 Rel.73473 |
TL-SG2210P v3.20 | 3.20.9 Build 20230602 Rel.73473 |
EAP245(EU) v3.0 | 5.1.0 Build 20230104 Rel. 79433 |
EAP225-Outdoor(EU) v1.0 | 5.1.0 Build 20220926 Rel. 62456 |
The Mapbox API Access Token has been entered, but there is no traffic or whatever. I am probably doing something wrong, but it remains empty:
Edit: typo
- Copy Link
- Report Inappropriate Content
Hello @RBL,
After confirming with the engineer support team, this feature needs the Omada devices to upgrade the firmware to adapt with.
Please keep an eye on our official website or this post for any updates on the firmware release.
If you have any further questions or concerns, please feel free to ask. Thank you!
- Copy Link
- Report Inappropriate Content
Hello @Hank21 Thank you, according to the link, I assume it is only the router which needs to have an update. Thanks. we are eagerly waiting for the update.
- Copy Link
- Report Inappropriate Content
@Hank21 as I couldn't resist on trying the new Threat Management Map, I bought a new ER-707-M2 v1.0 and instantly updated the firmware with the latest beta.Inserted the API key. And although I see some traffic from malicious endpoints to one of my webservers, I see nothing on the map:
But I do have some anomalies in my Threat Management List:
And the details of one of those:
Apparently it is not doinge a geo lookup as it also does not show the location.
Just tried several pentesting tools to my IP, but these do not show up either.
What am I doing wrong?
- Copy Link
- Report Inappropriate Content
Hi @RBL,
After confirming with the support engineer, there is nothing on the map because there is no geolocation information in the generated logs.
And there are the possible reason for the absence of geolocation information in the logs:
The GEO Enforcer option is not enabled on the IPS configuration page.
- Copy Link
- Report Inappropriate Content
@Hank21 thanks for your swift reply, you mean this setting:
This setting was already enabled. If I check the site map, via the controller overview, I see the following:
But still nothing on the Thread Management Map, is there something else I need to/can do?
currently I have the following devices:
1x OC200 1.0 (1.28.1 Build 20231117 Rel.58466)
1x ER707-M2 v1.0 (1.1.1 Build 20230927 Rel.35167)
1x TL-SG2218 v1.0 (1.1.8 Build 20230602 Rel.73473)
3x TL-SG2210P v3.20 (3.20.9 Build 20230602 Rel.73473)
3x EAP245(EU) v3.0 (5.1.0 Build 20230104 Rel. 79433)
2x EAP225-Outdoor(EU) v1.0 (5.1.1 Build 20230921 Rel. 63318)
- Copy Link
- Report Inappropriate Content
Information
Helpful: 1
Views: 3188
Replies: 22