Home » Netgear Manuals » Wireless » Netgear WNDAP620 » Manual Viewer

Netgear WNDAP620 Reference Manual - Page 89

Con Wireless Intrusion Detection and Prevention, Settings

Add to My Manuals
Save this manual to your list of manuals

Page 89 highlights

ProSafe Premium 3 x 3 Dual-Band Wireless-N Access Point WNDAP620 Configure Wireless Intrusion Detection and Prevention • Configure Wireless Intrusion Detection and Prevention Policy Settings • Configure Wireless Intrusion Detection and Prevention Mail Settings • Monitor Traps, Counters, and Ad Hoc Networks Configure Wireless Intrusion Detection and Prevention Policy Settings The wireless access point provides a wireless intrusion detection system (WIDS) and wireless intrusion prevention system (WIPS) to detect and mitigate wireless attacks. These intrusion systems are referred to as IDS/IPS. If enabled, the IDS recognizes multiple types of wireless attacks, and the IPS automatically neutralizes many attacks. Attacks are covered by preconfigured policy rules. When an attack occurs, the wireless access point can notify a network administrator though an email. The following table lists all IDS/IPS policies with their policy rules. Most of these policies provide protection against denial of service (DoS) attacks. You can enable or disable IDS/IPS policies, but both the policies and the policy rules are not configurable. All thresholds are measured over a short period. For the IDS/IPS to send a notification according to the policy rule, you first need to configure the email settings (see Configure Wireless Intrusion Detection and Prevention Mail Settings on page 95). Table 24. IDS/IPS policies and policy rules Policy Description Policy Rule Threshold Notification Authentication flood • • • Attack. Multiple authentication requests (5 or more) that use 5 spoofed MAC addresses of legitimate clients are sent to the wireless access point. Result. The client association table overflows, causing authentication requests from legitimate clients to be denied. Solution. The oldest clients that are stuck in the authentication phase are removed from the table. Trap Association flood • Attack. Multiple association requests (5 or more) that use 5 spoofed MAC addresses of legitimate clients are sent to the wireless access point. • Result. The client association table overflows, causing association requests from legitimate clients to be denied. • Solution. The oldest associations are removed from the table. Trap Management and Monitoring 89

Section	Page
ProSafe Premium 3 x 3 Dual-Band Wireless-N Access Point WNDAP620	1
Contents	3
1. Introduction	6
About the ProSafe Premium 3 x 3 Dual-Band Wireless-N Access Point WNDAP620	6
What Is in the Box?	7
System Requirements	8
Key Features and Standards	8
Supported Standards and Conventions	8
Key Features	9
802.11b/g/n and 802.11a/n Standards–Based Wireless Networking	11
Autosensing Ethernet Connections with Auto Uplink	11
Hardware Description	11
Top Panel	11
Rear Panel	13
Bottom Panel with Product Label	13
Register the Wireless Access Point	14
2. Installation and Basic Configuration	17
What You Need Before You Begin	17
Wireless Equipment Placement and Range Guidelines	17
Ethernet Cabling Requirements	18
LAN Configuration Requirements	18
Hardware Requirements for Computers on Your LAN	19
Operating Frequency (Channel) Guidelines	19
Requirements for Entering IP Addresses	19
Install and Configure the Wireless Access Point	20
Connect the Wireless Access Point to a Computer	20
Log In to the Wireless Access Point	22
Configure Basic General System Settings and Time Settings	23
Configure the IPv4 Settings	25
Configure the Optional DHCPv4 Server	27
Configure the Basic Wireless Settings	28
Test Basic Wireless Connectivity	34
Mount the Wireless Access Point	35
Ceiling Installation	35
Wall Installation	38
Desk Installation	41
3. Wireless Configuration and Security	42
Wireless Data Security Options	42
Security Profiles	44
Before You Change the SSID, WEP, and WPA Settings	46
Configure and Enable Security Profiles	48
Configure RADIUS Server Settings	57
Restrict Wireless Access by MAC Address	60
Schedule the Wireless Radio to Be Turned Off	61
Configure Basic Wireless Quality of Service	62
4. Management and Monitoring	64
Enable Remote Management	64
SNMP Management	64
Secure Shell and Telnet Management	66
Upgrade the Wireless Access Point Software	67
Web Browser Upgrade Procedure	68
TFTP Server Upgrade Procedure	69
Manage the Configuration File or Reset to Factory Defaults	70
Save the Configuration	70
Restore the Configuration	71
Restore the Wireless Access Point to the Factory Default Settings	71
Reboot the Wireless Access Point without Restoring the Default Configuration	73
Change the Administrator Password	74
Manage User Accounts	75
Enable the Syslog Server	76
Monitor the Wireless Access Point	77
View System Information	77
Monitor Wireless Stations	80
View the Activity Log	83
Traffic Statistics	83
Enable Rogue AP Detection and Monitor Access Points	85
Enable and Configure Rogue AP Detection	85
View and Save Access Point Lists	87
Configure Wireless Intrusion Detection and Prevention	89
Configure Wireless Intrusion Detection and Prevention Policy Settings	89
Configure Wireless Intrusion Detection and Prevention Mail Settings	95
Monitor Traps, Counters, and Ad Hoc Networks	96
5. Advanced Configuration	99
Configure IPv6 Settings and Optional DHCPv6 Server Settings	99
Configure the IPv6 Settings	99
Configure the Optional DHCPv6 Server	101
Configure Spanning Tree Protocol, 802.1Q VLAN, and Link Layer Discovery Protocol	103
Configure STP and VLANs	103
Configure Ethernet LLDP	105
Configure Hotspot Settings	106
Configure Advanced Wireless Settings	107
Configure Advanced Quality of Service Settings	110
Configure Quality of Service Policies	112
Configure Wireless Bridging	118
Configure a Point-to-Point Wireless Network	118
Configure a Point-to-Multipoint Wireless Network	122
Configure the Wireless Access Point to Repeat the Wireless Signal Using Point-to-Multipoint Bridge Mode	126
6. Troubleshooting	131
Basic Functioning	132
Verify the Correct Sequence of Events at Startup	132
No LEDs Are Lit on the Wireless Access Point	132
The Active LED or the LAN LED Is Not Lit	133
The WLAN LED Does Not Light Up	133
You Cannot Access the Internet or the LAN from a Wireless-Capable Computer	134
You Cannot Configure the Wireless Access Point from a Browser	134
When You Enter a URL or IP Address a Time-Out Error Occurs	135
Troubleshoot a TCP/IP Network Using the Ping Utility	135
Test the LAN Path to Your Wireless Access Point	136
Test the Path from Your Computer to a Remote Device	137
Problems with Date and Time	137
Use the Packet Capture Tool	138
A. Supplemental Information	139
Technical Specifications	139
Factory Default Settings	142
B. Command-Line Reference	146
C. Notification of Compliance	161

Match case Limit results 1 per page

Management and Monitoring

ProSafe Premium 3 x 3 Dual-Band Wireless-N Access Point WNDAP620

Configure Wireless Intrusion Detection and Prevention

•

Configure Wireless Intrusion Detection and Prevention Policy Settings

•

Configure Wireless Intrusion Detection and Prevention Mail Settings

•

Monitor Traps, Counters, and Ad Hoc Networks

Configure Wireless Intrusion Detection and Prevention Policy

Settings

The wireless access point provides a wireless intrusion detection system (WIDS) and

wireless intrusion prevention system (WIPS) to detect and mitigate wireless attacks. These

intrusion systems are referred to as IDS/IPS.

If enabled, the IDS recognizes multiple types of wireless attacks, and the IPS automatically

neutralizes many attacks. Attacks are covered by preconfigured policy rules. When an attack

occurs, the wireless access point can notify a network administrator though an email.

The following table lists all IDS/IPS policies with their policy rules. Most of these policies

provide protection against denial of service (DoS) attacks. You can enable or disable IDS/IPS

policies, but both the policies and the policy rules are not configurable.

All thresholds are measured over a short period. For the IDS/IPS to send a notification according

to the policy rule, you first need to configure the email settings (see

Configure Wireless Intrusion

Detection and Prevention Mail Settings

on page 95).

Table 24.

IDS/IPS policies and policy rules

Policy

Description

Policy Rule

Threshold

Notification

Authentication flood

•

Attack

. Multiple authentication requests (5 or more) that use

spoofed MAC addresses of legitimate clients are sent to the

wireless access point.

•

Result

. The client association table overflows, causing

authentication requests from legitimate clients to be denied.

•

Solution

. The oldest clients that are stuck in the authentication

phase are removed from the table.

Trap

Association flood

•