Home » Dell Manuals » Hubs & Switches » Dell PowerConnect W-Airwave » Manual Viewer

Dell PowerConnect W-Airwave W-Airwave 7.2 Configuration Guide - Page 85

Profiles > IDS > Impersonation, General Settings, Other Settings

View all Dell PowerConnect W-Airwave manuals

Add to My Manuals
Save this manual to your list of manuals

Page 85 highlights

2. Select the Add button to create a new Rate Threshold, or click the pencil icon next to an existing threshold to edit. The Details page appears. Complete the settings as described in Table 32: Table 32 Profiles > IDS > Denial of Service, Rate Threshold Settings Field Default Description General Settings Folder Name Top Blank Set the folder with which the profile is associated. The drop-down menu displays all folders available for association with the profile. Enter the name of the rate threshold profile. Other Settings Channel Increase Time 15 (0--360000 sec) Channel Quiet Time 900 (60-360000 sec) Channel Threshold (0- 300 100000) Node Time Interval (1- 15 120 sec) Node Quiet Time 900 (60-360000 sec) Node Threshold 200 (0-100000) Set the time, in seconds, in which the threshold must be exceeded in order to trigger an alarm. Set the time that must elapse before another identical alarm may be triggered, after an alarm has been triggered, Use this option to prevent excessive messages in the log file. Specify the number of a specific type of frame. This number must be exceeded within a specific interval in an entire channel to trigger an alarm. Set the time, in seconds, in which the threshold must be exceeded in order to trigger an alarm. Set the time that must elapse before another identical alarm may be triggered, after an alarm has been triggered. This option prevents excessive messages in the log file. Specify the number of a specific type of frame that must be exceeded within a specific interval for a particular client MAC address to trigger an alarm. 3. Select Add or Save. The added or edited Rate Threshold appears on the Profiles > IDS > Denial of Service > Rate Thresholds page. Profiles > IDS > Impersonation Perform these steps to create IDS Impersonation profiles. 1. Select Profiles > IDS > Impersonation in the Dell PowerConnect W Navigation pane. 2. Select the Add button to create a new Impersonation profile, or click the pencil icon next to an existing profile to edit. The Details page appears. Complete the settings as described in Table 33: Table 33 Profiles > IDS > Impersonation Settings Field Default Description General Settings Folder Name Other Settings Detect AP Impersonation Top Blank Set the folder with which the profile is associated. The drop-down menu displays all folders available for association with the profile. Enter the name of the impersonation profile. Yes Enable or disable detection of AP impersonation. In AP impersonation attacks, the attacker sets up an AP that assumes the BSSID and ESSID of a valid AP. AP impersonation attacks can be done for man-in-the-middle attacks, a rogue AP attempting to bypass detection, or a honeypot attack. Dell PowerConnect W AirWave 7.2 | Configuration Guide Dell PowerConnect W Configuration Reference | 85

Section	Page
Dell PowerConnect W AirWave 7.2	1
Preface	7
Document Audience and Organization	7
Note, Caution, and Warning Icons	7
Contacting Support	8
Dell PowerConnect W Configuration in AWMS	9
Introduction	9
Requirements, Restrictions, and AOS Support in AWMS	9
Requirements	9
Restrictions	9
ArubaOS Support in AWMS	9
Overview of Dell PowerConnect W Configuration in AWMS	10
Device Setup > Dell PowerConnect W Configuration Page	11
Groups > Dell PowerConnect W Config Page With Global Configuration Enabled	12
Groups > Dell PowerConnect W Config When Global Configuration is Disabled	12
Dell PowerConnect W Configuration Sections in the Tree View	13
Dell PowerConnect W AP Groups Section	13
AP Overrides Section	14
WLANs Section	15
Profiles Section	15
Security Section	16
Local Config Section	16
Advanced Services Section	17
APs/Devices > List Page	17
APs/Devices > Manage Page	17
APs/Devices > Monitor Page	18
Groups > Basic Page	18
Additional Concepts and Components of Dell PowerConnect W Configuration	19
Global Configuration and Scope	19
Referenced Profile Setup in Dell PowerConnect W Configuration	19
Save, Save and Apply, and Revert Buttons	20
Additional Concepts and Benefits	20
Scheduling Configuration Changes	20
Auditing and Reviewing Configurations	20
Licensing and Dependencies in Dell PowerConnect W Configuration	20
Setting Up Initial Dell PowerConnect W Configuration	21
Prerequisites	21
Procedure	21
Additional Capabilities of Dell PowerConnect W Configuration	26
Using Dell PowerConnect W Configuration in Daily Operations	27
Introduction	27
General Dell PowerConnect W AP Groups Procedures and Guidelines	27
Guidelines and Pages for Dell PowerConnect W AP Groups in Configuration	27
Selecting Dell PowerConnect W AP Groups	28
Configuring Dell PowerConnect W AP Groups	28
General WLAN Guidelines	28
Guidelines and Pages for WLANs in Dell PowerConnect W Configuration	28
General Profiles Guidelines	28
General Controller Procedures and Guidelines	29
Using Master, Standby Master, and Local Controllers	29
Pushing Device Configurations to Controllers	29
Supporting APs with Dell PowerConnect W Configuration	30
AP Overrides Guidelines	30
Changing Adaptive Radio Management (ARM) Settings	30
Changing SSID and Encryption Settings	30
Changing the Dell PowerConnect W AP Group for an AP Device	30
Using AWMS to Deploy Dell PowerConnect W APs for the First Time	31
Using General AWMS Device Groups and Folders	32
Visibility in Dell PowerConnect W Configuration	33
Visibility Overview	33
Defining Visibility for Dell PowerConnect W Configuration	33
Dell PowerConnect W Configuration Reference	37
Introduction	37
Dell PowerConnect W AP Groups	38
AP Overrides	42
AP Overrides	42
WLANs	47
Overview of WLANs Configuration	47
WLANs	47
WLANs > Basic	48
WLANs > Advanced	48
Profiles	52
Understanding Dell PowerConnect W Configuration Profiles	52
Profiles > AAA	52
Profiles > AAA	53
Profiles > AAA > 802.1x Auth	55
Profiles > Advanced Authentication	59
Profiles > AAA > Captive Portal Auth	61
Profiles > AAA > Mac Auth	62
Profiles > AAA > Stateful 802.1X Auth	63
Profiles > AAA > Wired Auth	64
Profiles > AAA > VPN Auth	64
Profiles > AAA > Management Auth	65
Profiles > AAA > Stateful NTLM Auth	65
Profiles > AAA > WISPr Auth	66
Profiles > AP	67
Profiles > AP > AP Ethernet Link	68
Profiles > AP > Provisioning	69
Profiles > AP > Regulatory Domain	70
Profiles > AP > SNMP	71
Profiles > AP > SNMP > SNMP User	72
Profiles > AP > System	72
Profiles > AP > Wired	76
Profiles > IDS	77
Profiles > IDS > General	79
Profiles > IDS > Signature Matching	80
Profiles > IDS > Signature Matching > Signature	81
Profiles > IDS > Denial of Service	81
Profiles > IDS > Denial of Service > Rate Threshold	84
Profiles > IDS > Impersonation	85
Profiles > IDS > Unauthorized Device	86
Profiles > Mesh	89
Profiles > Mesh > Radio	90
Profiles > Mesh > Radio > Mesh HT SSID	92
Profiles > Mesh > Cluster	93
Profiles > QoS	94
Profiles > QoS > Traffic Management	95
Profiles > QoS > VoIP Call Admission Control	95
Profiles > QoS > WMM Traffic Management	97
Profiles > RF	98
Profiles > RF > 802.11a/g Radio	99
Profiles > RF > 802.11a/g Radio > AM Scanning	102
Profiles > RF > 802.11a/g Radio > ARM	102
Profiles > RF > 802.11a/g Radio > HT Radio	106
Profiles > RF > 802.11a/g Radio > Spectrum	106
Profiles > RF > Event Thresholds	107
Profiles > RF > Optimization	109
Profiles > SSID	111
Profiles > SSID	111
Profiles > SSID > EDCA AP	115
Profiles > SSID > EDCA Station	118
Profiles > SSID > HT SSID	120
Profiles > SSID > 802.11K	122
Security	124
Security > User Roles	125
Security > User Roles > BW Contracts	127
Security > User Roles > VPN Dialers	128
Security > Policies	131
Security > Policies > Destinations	132
Security > Policies > Services	133
Security > Server Groups	134
Server Groups Page Overview	134
Supported Servers	135
Adding a New Server Group	135
Security > Server Groups > LDAP	136
Security > Server Groups > RADIUS	138
Security > Server Groups > TACACS	139
Security > Server Groups > Internal	140
Security > Server Groups > XML API	140
Security > Server Groups > RFC 3576	141
Security > Server Groups > Windows	142
Security > TACACS Accounting	142
Security > Time Ranges	143
Security > User Rules	144
Local Config of SNMP Management	145
Advanced Services	147
Overview of IP Mobility Domains	147
Advanced Services > IP Mobility	148
Advanced Services > IP Mobility > Mobility Domain	150
Advanced Services > VPN Services	151
Advanced Services > VPN Services > IKE	152
Advanced Services > VPN Services > L2TP	153
Advanced Services > VPN Services > PPTP	154
Advanced Services > VPN Services > IPSEC	155
Advanced Services > VPN Services > IPSEC > Dynamic Map	156
Advanced Services > VPN Services > IPSEC > Dynamic Map > Transform Set	157
Groups > Dell PowerConnect W Config Page and Section Information	158

Match case Limit results 1 per page

Dell PowerConnect W AirWave 7.2

| Configuration Guide

Dell PowerConnect W Configuration Reference

Select the

Add

button to create a new

Rate Threshold

, or click the

pencil

icon next to an existing threshold to

edit. The

Details

page appears. Complete the settings as described in

Table 32

Select

Add

Save

The added or edited

Rate Threshold

appears on the

Profiles > IDS > Denial of Service

> Rate Thresholds

page.

Profiles > IDS > Impersonation

Perform these steps to create IDS

Impersonation

profiles.

Select

Profiles > IDS > Impersonation

in the

Dell PowerConnect W Navigation

pane.

Select the

Add

button to create a new

Impersonation

profile

or click the

pencil

icon next to an existing

profile to edit. The

Details

page appears. Complete the settings as described in

Table 33

Table 32

Profiles > IDS > Denial of Service, Rate Threshold Settings

Field

Default

Description

General Settings

Folder

Top

Set the folder with which the profile is associated. The drop-down menu displays all

folders available for association with the profile.

Name

Blank

Enter the name of the rate threshold profile.

Other Settings

Channel Increase Time

(0--360000 sec)

Set the time, in seconds, in which the threshold must be exceeded in order to trigger an

alarm.

Channel Quiet Time

(60-360000 sec)

900

Set the time that must elapse before another identical alarm may be triggered, after an

alarm has been triggered, Use this option to prevent excessive messages in the log file.

Channel Threshold

(0-

100000)

300

Specify the number of a specific type of frame. This number must be exceeded within a

specific interval in an entire channel to trigger an alarm.

Node Time Interval

(1-

120 sec)

Set the time, in seconds, in which the threshold must be exceeded in order to trigger an

alarm.

Node Quiet Time

(60-360000 sec)

900

Set the time that must elapse before another identical alarm may be triggered, after an

alarm has been triggered. This option prevents excessive messages in the log file.

Node Threshold

(0-100000)

200

Specify the number of a specific type of frame that must be exceeded within a specific

interval for a particular client MAC address to trigger an alarm.

Table 33

Profiles > IDS > Impersonation Settings

Field

Default

Description

General Settings

Folder

Top

Set the folder with which the profile is associated. The drop-down menu displays all folders

available for association with the profile.

Name

Blank

Enter the name of the impersonation profile.

Other Settings

Detect AP

Impersonation

Yes

Enable or disable detection of AP impersonation. In AP impersonation attacks, the attacker

sets up an AP that assumes the BSSID and ESSID of a valid AP. AP impersonation attacks

can be done for man-in-the-middle attacks, a rogue AP attempting to bypass detection, or a

honeypot attack.