D-Link DWC-1000 User Manual - Page 291

Not Present in OUI Database Test

Get D-Link DWC-1000 PDF manuals and user guides View all D-Link DWC-1000 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 291 highlights

Wireless Controller User Manual • Probe Reques ts • 802.11 Authentication Reques ts • 802.11 De-Authentication Reques ts . In o rd er t o h elp d et ermin e wh et h er a clien t is p o s in g a t h reat t o t h e n et wo rk b y flo o d in g t h e n et wo rk wit h man ag emen t t raffic, t h e s y s t em keep s t rack o f t h e n u mb er o f t imes t h e A P receiv ed each mes sage t y p e an d t h e h ig hest mes s ag e rat e d et ect ed in a s in g le RF Scan rep o rt . On t h e W IDS Clien t Co n fig u rat io n p age, y ou can s et t h resh old s fo r each t y pe o f mes s ag e s en t , an d t h e A Ps mo n it o r wh et h er an y clien t s exceed t h o s e t h res h o ld s o r t es t s . Not Pres ent i n OUI Databas e Tes t: Th is t es t ch ecks wh et her t he M A C ad d res s o f t h e clien t is fro m a reg is t ered man u fact u rer id en t ified in t h e OUI d at ab as e. Known Cl i ent Databas e Tes t: Th is t es t ch ecks wh et h er t h e clien t , wh ich is identified by its M AC addres s , is lis ted in the Known Client Databas e and is allo wed acces s t o t h e A P eit h er t h ro u g h t h e A u t h en t icat io n A ct io n o f Gran t o r t h ro u g h t h e W h it e Lis t g lo b al act ion . If t h e clien t is in t h e Kn o wn Clien t Dat ab as e an d h as an act ion o f Den y , o r if t h e act io n is Glo b al A ct io n an d it is g lo b ally s et t o Black Lis t , t h e clien t fails t h is t es t . Configured Authentication Rate Tes t: This tes t checks whether the client has exceed ed t h e co n fig u red rat e fo r t ran s mit t in g 802.11 au t h en t icat io n req u es t s . Confi g ured Probe Reques ts Rate Tes t: Th is t es t ch ecks wh et h er t h e clien t h as exceed ed t h e co n fig u red rat e fo r t ran s mit t in g p ro b e req u es t s . Confi g ured De -Authenti cati on Reques ts Rate Tes t : Th is t es t ch ecks wh et h er t h e clien t h as exceed ed t h e co nfig ured rat e fo r t ran smit t ing d e -au thent icat ion req u es t s . Maxi mum Authenti cati on Fai l ures Tes t: Th is t est ch ecks wh et h er t h e clien t h as exceed ed t h e maximu m n u mb er o f failed au t h en t icat io n s . Authenti cati on wi th Unk nown AP Tes t : Th is t es t ch ecks wh et h er a clien t in t h e Known Client databas e is authenticated with an unknown AP. Cl i ent Threat Mi ti g ati on: Select en ab le t o s en d d e -au t h en t icat io n mes s ag es t o clients that are in the Known Clients databas e but are as s ociated with unknown A Ps . Th e A u t hent icat ion wit h Un kn o wn A P Tes t mu s t als o b e en ab led in o rd er fo r t h e mit ig at io n t o t ake p lace. Select d is ab le t o allo w clien t s in t h e Kn o wn Clien t s d at ab as e t o remain au t h en t icat ed wit h an u n kn o wn A P. 289

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
  • 289
  • 290
  • 291
  • 292
  • 293
  • 294
  • 295
  • 296
  • 297
  • 298
  • 299
  • 300
  • 301
  • 302
  • 303
  • 304
  • 305
  • 306
  • 307
  • 308
  • 309
  • 310
  • 311
  • 312
  • 313
  • 314
  • 315
  • 316
  • 317
  • 318
  • 319
  • 320
  • 321
  • 322
  • 323
  • 324
Wireless Controller
User Manual
289
Probe Requests
802.11 Authentication Requests
802.11 De-Authentication Requests.
In order to help determine whether a client is posing a threat to the network by flooding the
network with management traffic, the system keeps track of the number of times the AP
received each message type and the highest message rate detected in a single RF Scan report.
On the WIDS Client Configuration page, you can set thresholds for each type of message sent,
and the APs monitor whether any clients exceed those thresholds or tests.
Not Present in OUI Database Test:
This test checks whether the MAC address of
the client is from a registered manufacturer identified in the OUI database.
Known Client Database Test
: This test checks whether the client, which is
identified by its MAC address, is listed in the Known Client Database and is
allowed access to the AP either through the Authentication Action of Grant or
through the White List global action. If the client is in the Known Client Database
and has an action of Deny, or if the action is Global Action and it is globally set to
Black List, the client fails this test.
Configured Authentication Rate Test
: This test checks whether the client has
exceeded the configured rate for transmitting 802.11 authentication requests.
Configured Probe Requests Rate Test
: This test checks whether the client has
exceeded the configured rate for transmitting probe requests.
Configured De-Authentication Requests Rate Test
: This test checks whether the
client has exceeded the configured rate for transmitting de-authentication requests.
Maximum Authentication Failures Test:
This test checks whether the client has
exceeded the maximum number of failed authentications.
Authentication with Unknown AP Test
: This test checks whether a client in the
Known Client database is authenticated with an unknown AP.
Client Threat Mitigation
: Select enable to send de-authentication messages to
clients that are in the Known Clients database but are associated with unknown
APs. The Authentication with Unknown AP Test must also be enabled in order for
the mitigation to take place. Select disable to allow clients in the Known Clients
database to remain authenticated with an unknown AP.