Dell PowerConnect W-Airwave W-Airwave 7.2 Configuration Guide - Page 87
Unauthorized Device, Profiles > IDS > Unauthorized Devices, Dell PowerConnect W Navigation,
View all Dell PowerConnect W-Airwave manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 87 highlights
interference, it is not considered a direct security threat since it is not connected to the wired network. However, an interfering AP may be reclassified as a rogue AP. NOTE: Rogue device classification for WMS Offload infrastructure is also described in the Dell PowerConnect W AirWave 7.2 User Guide in Home > Documentation. You can enable a policy to automatically disable APs that are classified as a rogue APs by the Dell PowerConnect W system. When a rogue AP is disabled, no wireless stations are allowed to associate to that AP. Perform these steps to create IDS Unauthorized Device profiles. 1. Select Profiles > IDS > Unauthorized Devices in the Dell PowerConnect W Navigation pane. 2. Select the Add button to create a new Unauthorized Devices profile, or click the pencil icon next to an existing profile to edit. The Details page appears. Complete the settings as described in Table 34: Table 34 Profiles > IDS > Unauthorized Devices Profile Settings Field Default Description General Settings Folder Top Name Blank Other Settings Detect Adhoc Networks Yes Protect from Adhoc No Networks Detect Windows Bridge Yes Detect Wireless Bridge Yes Detect Devices with An No Invalid MAC OUI MAC OUI Detection Quiet 900 Time (60-360000 sec) Adhoc Network 900 Detection Quiet Time (60-360000 sec) Wireless Bridge 900 Detection Quiet Time (60-360000 sec) Rogue AP Classification Yes Set the folder with which the profile is associated. The drop-down menu displays all folders available for association with the profile. Enter the name of the profile. Enable or disable detection of adhoc networks. Enable or disable protection from adhoc networks. When adhoc networks are detected, they are disabled using a denial of service attack. Enable or disable detection of Windows station bridging. Enable or disable detection of wireless bridging. Enable or disable the checking of the first three bytes of a MAC address, known as the MAC organizationally unique identifier (OUI), assigned by the IEEE to known manufacturers. Often clients using a spoofed MAC address do not use a valid OUI and instead use a randomly generated MAC address. Enabling MAC OUI checking causes an alarm to be triggered if an unrecognized MAC address is in use. Set the time, in seconds, that must elapse after an invalid MAC OUI alarm has been triggered before another identical alarm may be triggered. Set the time, in seconds, that must elapse after an adhoc network detection alarm has been triggered before another identical alarm may be triggered. Set the time, in seconds, that must elapse after a wired bridging alarm has been triggered before another identical alarm may be triggered. Enable or disable rogue AP classification. A rogue AP is one that is unauthorized and plugged into the wired side of the network. Any other AP seen in the RF environment that is not part of the valid enterprise network is considered to be "interfering" - it has the potential to cause RF interference but it is not connected to the wired network and thus does not represent a direct threat. Dell PowerConnect W AirWave 7.2 | Configuration Guide Dell PowerConnect W Configuration Reference | 87