Dell PowerConnect W-Airwave W-Airwave 7.2 Configuration Guide - Page 85
Profiles > IDS > Impersonation, General Settings, Other Settings
View all Dell PowerConnect W-Airwave manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 85 highlights
2. Select the Add button to create a new Rate Threshold, or click the pencil icon next to an existing threshold to edit. The Details page appears. Complete the settings as described in Table 32: Table 32 Profiles > IDS > Denial of Service, Rate Threshold Settings Field Default Description General Settings Folder Name Top Blank Set the folder with which the profile is associated. The drop-down menu displays all folders available for association with the profile. Enter the name of the rate threshold profile. Other Settings Channel Increase Time 15 (0--360000 sec) Channel Quiet Time 900 (60-360000 sec) Channel Threshold (0- 300 100000) Node Time Interval (1- 15 120 sec) Node Quiet Time 900 (60-360000 sec) Node Threshold 200 (0-100000) Set the time, in seconds, in which the threshold must be exceeded in order to trigger an alarm. Set the time that must elapse before another identical alarm may be triggered, after an alarm has been triggered, Use this option to prevent excessive messages in the log file. Specify the number of a specific type of frame. This number must be exceeded within a specific interval in an entire channel to trigger an alarm. Set the time, in seconds, in which the threshold must be exceeded in order to trigger an alarm. Set the time that must elapse before another identical alarm may be triggered, after an alarm has been triggered. This option prevents excessive messages in the log file. Specify the number of a specific type of frame that must be exceeded within a specific interval for a particular client MAC address to trigger an alarm. 3. Select Add or Save. The added or edited Rate Threshold appears on the Profiles > IDS > Denial of Service > Rate Thresholds page. Profiles > IDS > Impersonation Perform these steps to create IDS Impersonation profiles. 1. Select Profiles > IDS > Impersonation in the Dell PowerConnect W Navigation pane. 2. Select the Add button to create a new Impersonation profile, or click the pencil icon next to an existing profile to edit. The Details page appears. Complete the settings as described in Table 33: Table 33 Profiles > IDS > Impersonation Settings Field Default Description General Settings Folder Name Other Settings Detect AP Impersonation Top Blank Set the folder with which the profile is associated. The drop-down menu displays all folders available for association with the profile. Enter the name of the impersonation profile. Yes Enable or disable detection of AP impersonation. In AP impersonation attacks, the attacker sets up an AP that assumes the BSSID and ESSID of a valid AP. AP impersonation attacks can be done for man-in-the-middle attacks, a rogue AP attempting to bypass detection, or a honeypot attack. Dell PowerConnect W AirWave 7.2 | Configuration Guide Dell PowerConnect W Configuration Reference | 85