Dell PowerConnect W-Airwave W-Airwave 7.2 Configuration Guide - Page 83

1. Select Profiles > IDS > Denial of Service in the Dell PowerConnect W Navigation pane. 2. Select the Add button to create a new Signature Matching profile, or click the pencil icon next to an existing profile to edit. The Details page appears. Complete the settings as described in Table 31: Table 31 Profiles > IDS > Denial of Service Profile Settings Field Default Description General Settings Folder Top Name Blank Referenced Profiles Rate Thresholds for Assoc Frames default Rate Thresholds for Disassoc Frames default Rate Thresholds for Deauth Frames default Rate Thresholds for default Probe Request Frames Rate Thresholds for Probe Response Frames default Rate Thresholds for Auth Frames default Other Settings Detect Disconnect Yes Station Attack Disconnect STA 900 Detection Quiet Time Spoofed Deauth No Blacklist Detect AP Flood Attack No AP Flood Threshold 50 Set the folder with which the profile is associated. The drop-down menu displays all folders available for association with the profile. Enter the name of the profile. Select a profile from the drop-down menu, or click the edit (icon) or add (icon) to edit or create a profile that sets the rate threshold for association frames. The IDS rate threshold profile defines thresholds assigned to the different frame types for rate anomaly checking. Select a profile from the drop-down menu, or click the edit (icon) or add (icon) to edit or create a profile that sets the rate threshold for disassociation frames. The IDS rate threshold profile defines thresholds assigned to the different frame types for rate anomaly checking. Select a profile from the drop-down menu, or click the edit (icon) or add (icon) to edit or create a profile that sets the rate threshold for de-authentication frames. The IDS rate threshold profile defines thresholds assigned to the different frame types for rate anomaly checking. Select a profile from the drop-down menu, or click the edit (icon) or add (icon) to edit or create a profile that sets the rate threshold for probe request frames. The IDS rate threshold profile defines thresholds assigned to the different frame types for rate anomaly checking. Select a profile from the drop-down menu, or click the edit (icon) or add (icon) to edit or create a profile that sets the rate threshold for probe response frames. The IDS rate threshold profile defines thresholds assigned to the different frame types for rate anomaly checking. Select a profile from the drop-down menu, or click the edit (icon) or add (icon) to edit or create a profile that sets the rate threshold for authentication frames. The IDS rate threshold profile defines thresholds assigned to the different frame types for rate anomaly checking. Enables or disables detection of station disconnection attacks. After a station disconnection attack is detected, sets the time (in seconds) that must elapse before another identical alarm can be generated. Enables or disables automatic client blacklisting of spoofed de-authentication. Enables or disables the detection of flooding with fake AP beacons to confuse legitimate users and to increase the amount of processing need on client operating systems. Sets the number of Fake AP beacons that must be received within the Flood Increase Time to trigger an alarm. Dell PowerConnect W AirWave 7.2 | Configuration Guide Dell PowerConnect W Configuration Reference | 83