D-Link DWC-1000 User Manual - Page 288

Rogue Detected Trap Interval

Get D-Link DWC-1000 PDF manuals and user guides View all D-Link DWC-1000 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 288 highlights

Wireless Controller User Manual s t an d alo n e A P in t h e lo cal o r RA DIUS Valid A P d at ab as e. Th is t es t may d et ect n et wo rk mis co n fig u rat io n as well as p o t en t ial in t ru s io n at t emp t s . Th e fo llo win g p aramet ers are ch ecked : • Ch an n el Nu mb er • SSID • Security Mode • WDS Mode. • Pres ence on a wired network. Unexpected WDS devi ce detected on network : If t h e A P is clas s ified as a Managed or Unknown AP and wireles s dis tribution s ys tem (W DS) traffic is detected on the A P, then the A P is considered to be Rogue. Only s tand -alone A Ps t h at are exp licit ly allo wed t o o p erat e in W DS mo d e are n o t rep o rt ed as ro g u es b y this tes t. Unmanag ed AP dete cted on wi red network : Th is t es t ch ecks wh et h er t h e A P is detected on the wired network. If the A P s tate is Unknown, then the tes t changes the AP s tate to Rogue. The flag indicating whether AP is detected on the wired n et wo rk is rep o rt ed as p art o f t h e RF Scan rep o rt . If A P is man ag ed an d is d et ect ed o n t h e n et wo rk t h en t h e co n troller s imp ly rep o rt s t h is fact an d d o es n 't ch an g e t h e AP s tate to Rogue. In order for the wireles s s ys tem to detect this threat, the wireles s n et wo rk mu s t co n t ain o n e o r mo re rad io s t h at o p erat e in s en t ry mo d e Rog ue Detected Trap Interval : Sp ecify t h e in t erv al, in s eco n d s , b et ween t ran s mis sio ns o f t h e SNM P t rap t ellin g t h e admin is t rator t h at ro g ue A Ps are p resent in the RF Scan databas e. If you s et the value to 0, the trap is never s ent. Wi red Network Detecti on Interval : Sp ecify t h e n u mb er o f s eco n d s t h at t h e A P waits before s tarting a new wired network detection cycle. If you s et the value to 0, wired network detection is dis abled AP De-Authenti cati on Attack : En ab le o r d is ab le t h e A P d e-aut hen t icat io n at t ack. The wireles s controller can protect against rogue A Ps by sending DE authentication mes s ag es t o t h e ro g u e A P. Th e d e -au t h en t icat io n at t ack feat u re mu s t b e g lo b ally enabled in order for the wireles s s ys tem to do this funct ion. Make s ure that no 286

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
  • 289
  • 290
  • 291
  • 292
  • 293
  • 294
  • 295
  • 296
  • 297
  • 298
  • 299
  • 300
  • 301
  • 302
  • 303
  • 304
  • 305
  • 306
  • 307
  • 308
  • 309
  • 310
  • 311
  • 312
  • 313
  • 314
  • 315
  • 316
  • 317
  • 318
  • 319
  • 320
  • 321
  • 322
  • 323
  • 324
Wireless Controller
User Manual
286
standalone AP in the local or RADIUS Valid AP database. This test may detect
network misconfiguration as well as potential intrusion attempts. The following
parameters are checked:
Channel Number
SSID
Security Mode
WDS Mode.
Presence on a wired network.
Unexpected WDS device detected on network
: If the AP is classified as a
Managed or Unknown AP and wireless distribution system (WDS) traffic is
detected on the AP, then the AP is considered to be Rogue. Only stand-alone APs
that are explicitly allowed to operate in WDS mode are not reported as rogues by
this test.
Unmanaged AP detected on wired network
: This test checks whether the AP is
detected on the wired network. If the AP state is Unknown, then the test changes
the AP state to Rogue. The flag indicating whether AP is detected on the wired
network is reported as part of the RF Scan report. If AP is managed and is detected
on the network then the controller simply reports this fact and doesn't change the
AP state to Rogue. In order for the wireless system to detect this threat, the
wireless network must contain one or more radios that operate in sentry mode
Rogue Detected Trap Interval
: Specify the interval, in seconds, between
transmissions of the SNMP trap telling the administrator that rogue APs are present
in the RF Scan database. If you set the value to 0, the trap is never s ent.
Wired Network Detection Interval
: Specify the number of seconds that the AP
waits before starting a new wired network detection cycle. If you set the value to 0,
wired network detection is disabled
AP De-Authentication Attack
: Enable or disable the AP de-authentication attack.
The wireless controller can protect against rogue APs by sending DE authentication
messages to the rogue AP. The de-authentication attack feature must be globally
enabled in order for the wireless system to do this function. Make sure that no