Home » Dell Manuals » Hubs & Switches » Dell PowerConnect W-IAP92 » Manual Viewer

Dell PowerConnect W-IAP92 Dell Instant 5.0.3.0-1.1.0.0 User Guide - Page 107

Intrusion Detection System, Rogue AP Detection and Classification, Rogue Containment

View all Dell PowerConnect W-IAP92 manuals

Add to My Manuals
Save this manual to your list of manuals

Page 107 highlights

Chapter 16 Intrusion Detection System Intrusion Detection System (IDS) is a feature that monitors the network for the presence of unauthorized IAPs and clients. It also logs information about the unauthorized IAPs and clients, and generates reports based on the logged information. Rogue AP Detection and Classification The most important IDS functionality offered in the Dell Instant network is the ability to detect rogue APs, interfering APs, and other devices that can potentially disrupt network operations. An AP is considered to be a rogue AP if it is both unauthorized and plugged into the wired side of the network. An AP is considered to be an interfering AP if it is seen in the RF environment but is not connected to the wired network. While the interfering AP can potentially cause RF interference, it is not considered a direct security threat since it is not connected to the wired network. However, an interfering AP may be reclassified as a rogue AP. Figure 84 Intrusion Detection Rogue Containment Enable or disable rogue containment on the Instant network. By default, this is disabled. NOTE: The rouge containment is supported only when the IAPs are in the monitor mode. Figure 85 Rogue Containment Containment Methods You can enable wired and wireless containments to prevent unauthorized stations from connecting to your Instant network. Dell PowerConnect W-Instant Access Point 5.0.3.0-1.1.0.0 | User Guide Intrusion Detection System | 107

Section	Page
Contents	3
About this Guide	13
Objective	13
Intended Audience	13
Conventions	13
Contacting Support	14
W-IAP Internal Antenna Patterns	15
W-IAP92 and W-IAP93 Antenna Patterns	15
W-IAP105 Antenna Pattern	16
Initial Configuration	17
Initial Setup	17
Pre-Installation Checklist	17
Connecting the W-IAP to a Power Source	18
Assigning an IP Address to the W-IAP	18
Connecting to the Provisioning Wi-Fi network	18
Login into Instant User Interface	19
Specifying the Country Code	20
Instant User Interface	21
Understanding the Instant UI Layout	21
Banner	22
Search	22
Tabs	22
Networks Tab	22
Access Points Tab	23
Clients Tab	23
Links	24
New version available	24
Users	24
Settings	25
Servers	26
Roles	26
Maintenance	26
Support	26
Help	28
Logout	28
Monitoring	28
Client Alerts	31
IDS	32
Language	33
AirWave Setup	33
Pause/Resume	33
Views	33
Wireless Network	35
Network Types	35
Employee Network	35
Adding an Employee Network	35
Voice Network	41
Adding a Voice Network	41
Guest Network	44
Adding a Guest Network	44
Editing a Network	47
Deleting a Network	47
Bandwidth Contracts	48
Mesh Network	49
Mesh Instant Access Points	49
Mesh Portals	49
Mesh Points	49
Instant Mesh Setup	50
Managing IAPs	53
Auto Join Mode	53
Disabling Auto Join Mode	53
LED Display	54
Terminal Access	54
Syslog Server	55
Adding an W-IAP to the Network	55
Removing an W-IAP from the Network	56
Editing W-IAP Settings	56
Changing W-IAP Name	56
Changing IP Address of the W-IAP	57
Configuring Adaptive Radio Management	58
Configuring an External Antenna	59
Migrating from a Virtual Controller Managed Network to Mobility Controller Managed Network	59
Rebooting the W-IAP	61
Firmware Image Server in Cloud Network	61
Automatic Firmware Image Check and Upgrade	62
Upgrading to the new OS version	62
Manual Firmware Image Check and Upgrade	63
NTP Server	65
Configuring an NTP Server	65
Virtual Controller	67
Master Election Protocol	67
Virtual Controller IP Address	67
Specifying Name and IP Address for the Virtual Controller	67
Configuring the DHCP Server	68
Authentication	69
Authentication Methods in Dell Instant	69
802.1X Authentication	69
Internal RADIUS Server	69
External RADIUS Server	70
Configuring an External RADIUS Server	70
Enabling Instant RADIUS	71
RADIUS Server Authentication with VSA	71
List of supported VSA’s	72
Management Authentication Settings	74
Captive Portal	75
Internal Captive Portal	75
Configuring Internal Captive Portal Authentication when Adding a Guest Network	75
Configuring Internal Captive Portal Authentication when Editing a Guest Network	76
Configuring Internal Captive Portal with External Radius Server Authentication when Adding a Guest Network	77
Customizing a Splash Page	78
Disabling Captive Portal authentication	79
External Captive Portal	80
Configuring External Captive Portal Authentication when Adding a Guest Network	80
Configuring External Captive Portal Authentication when editing a Guest Network	80
MAC Authentication	81
Configuring MAC Authentication	81
Certificates	82
Loading Certificates	82
Role Derivation	85
User Roles	85
Creating a New User Role	85
Creating Role Assignment Rules	86
Guest DMZ	89
Instant Firewall	91
Service Options	91
Destination Options	93
Example Access Rules	93
Allow TCP service to a particular network	93
Allow PoP3 service to a particular server	94
Deny FTP service except to a particular server	95
Deny bootp service except to a particular network	96
Content Filtering	99
Enabling Content Filtering	99
OS Fingerprinting	101
Adaptive Radio Management	103
ARM Features	103
Channel or Power Assignment	103
Voice Aware Scanning	103
Load Aware Scanning	103
Band Steering Mode	103
Air Time Fairness	104
Air Time Fairness Modes	104
Customize valid channels	104
Min transmit power	104
Max transmit power	104
Monitoring the Network with ARM	105
ARM Metrics	105
Configuring Administrator Assigned Radio Settings for IAP	105
Intrusion Detection System	107
Rogue AP Detection and Classification	107
Rogue Containment	107
Containment Methods	107
SNMP	109
SNMP Parameters for IAP	109
Airwave Integration and Management	113
AirWave Features	113
Image Management	113
W-IAP and Client Monitoring	113
Template Based Configuration	113
Trending Reports	114
Intrusion Detection System	114
Configuring AirWave	114
Creating your Organization String	114
The Shared Key	115
Entering the Organization String and AMP Information into the IAP	115
Airwave Discovery through DHCP Option	115
Monitoring	117
Virtual Controller View	117
Monitoring Link	117
Info	118
RF Dashboard	118
Usage Trends	118
Client Alerts Link	119
IDS Link	119
Network View	120
Info	120
Usage Trends	120
Instant Access Point View	122
Info	123
RF Dashboard	123
RF Trends	123
Usage Trends	125
Client View	125
Info	126
RF Dashboard	126
RF Trends	126
Mobility Trail	129
Alert Types and Management	131
User Database	133
Adding a User	133
Editing User Settings	133
Deleting a User	134
Regulatory Domain	135
Country Codes List	135

Match case Limit results 1 per page

Dell PowerConnect W-Instant Access Point 5.0.3.0-1.1.0.0

User Guide

Intrusion Detection System

107

Chapter 16

Intrusion Detection System

Intrusion Detection System (IDS) is a feature that monitors the network for the presence of unauthorized IAPs

and clients. It also logs information about the unauthorized IAPs and clients, and generates reports based on the

logged information.

Rogue AP Detection and Classification

The most important IDS functionality offered in the Dell Instant network is the ability to detect rogue APs,

interfering APs, and other devices that can potentially disrupt network operations. An AP is considered to be a

rogue AP if it is both unauthorized and plugged into the wired side of the network. An AP is considered to be an

interfering AP if it is seen in the RF environment but is not connected to the wired network. While the

interfering AP can potentially cause RF interference, it is not considered a direct security threat since it is not

connected to the wired network. However, an interfering AP may be reclassified as a rogue AP.

Figure 84

Intrusion Detection

Rogue Containment

Enable or disable rogue containment on the Instant network. By default, this is disabled.

Figure 85

Rogue Containment

Containment Methods

You can enable wired and wireless containments to prevent unauthorized stations from connecting to your

Instant network.

NOTE:

The rouge containment is supported only when the IAPs are in the monitor mode.