D-Link DWS-4026 Product Manual - Page 527
WIDS Client Configuration, Rogue Detected Trap Interval
UPC - 790069325533
View all D-Link DWS-4026 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 527 highlights
Software User Manual 12/10/09 D-Link Unified Access System Field Rogue Detected Trap Interval Wired Network Detection Interval AP De-Authentication Attack Table 340: WIDS AP Configuration Description Specify the interval, in seconds, between transmissions of the SNMP trap telling the administrator that rogue APs are present in the RF Scan database. If you set the value to 0, the trap is never sent. Specify the number of seconds that the AP waits before starting a new wired network detection cycle. If you set the value to 0, wired network detection is disabled. Enable or disable the AP de-authentication attack. The wireless switch can protect against rogue APs by sending deauthentication messages to the rogue AP. The de-authentication attack feature must be globally enabled in order for the wireless system to do this function. Make sure that no legitimate APs are classified as rogues before enabling the attack feature. This feature is disabled by default. WIDS Client Configuration The D-Link Unified Switch Wireless Intrusion Detection System (WIDS) can help detect intrusion attempts into the wireless network and take automatic actions to protect the network. The settings you configure on the WIDS Client Configuration page help determine whether a detected client is classified as a rogue. Clients classified as rogues are considered to be a threat to network security. The classification settings on the WIDS Client Configuration page are part of the global configuration on the switch and must be manually pushed to other switches in order to synchronize that configuration. As part of the general association and authentication process, wireless clients send 802.11 management messages to APs. The WIDS feature tracks the following types of management messages that each detected client sends: • Probe Requests • 802.11 Authentication Requests. • 802.11 De-Authentication Requests. In order to help determine whether a client is posing a threat to the network by flooding the network with management traffic, the system keeps track of the number of times the AP received each message type and the highest message rate detected in a single RF Scan report. On the WIDS Client Configuration page, you can set thresholds for each type of message sent, and the APs monitor whether any clients exceed those thresholds. or tests. Document 34CSFP6XXUWS-SWUM100-D7 Configuring Advanced Settings Page 527