We are excited to announce that we have launched our new Hive Community! HiveNation will remain as an archive, but all new posts, discussions, and articles will be created on Hive Community. You can visit our new community at thehivecommunity.aerohive.com
Some comments on your image: - Don't set the VLAN. That limits your flexibility if you want to do client classification on the user profile - You will need to set a username prefix and secret. - Set a PPSK start time, for when the first rotation will start - Assuming you want to reset all the keys every 180 days, set the rotation interval to 180 days. - Set the number of PSK rotations higher. Right now you have only set up a single rotation, so the keys will not change. Set the number to 10 (this will last you five years) - or higher. - Set the number of keys per rotation to exceed the number you know you need right now - just so you know there are more if you need them. 10 doesn't seem like many. - For a key that is only 8 characters long, you should definitely consider adding letters to the supported character types. You don't have much entropy with only 8 numbers in a 6 month key. Easier to crack with a rainbow table the way you have it.
Hi Andrew, Thanks for your comments. I have one question, the option :"Private-PSK start time" does it matter for the date? Here is an example, please correct me if I am wrong:
- PPSK start time: 14/05/2015 (PPSK start from this day) - PPSK life time: 1 days (live only 3 days) - PPSK rotation interval: (I dont get this option) - PPSK rotation: 3 (will be renew 3 times) - PPSK users to create per rotation: 10 (It will create 10 PPSK)
So the day after 15/05/2015, does PPSK will be recreated again with different password?