Home » Netgear Manuals » Wireless » Netgear WNDAP660 » Manual Viewer

Netgear WNDAP660 Reference Manual - Page 90

Table 24., IDS/IPS policies and policy rules, Policy, Description, Policy Rule, Attack, Result

Add to My Manuals
Save this manual to your list of manuals

Page 90 highlights

ProSafe Premium 3 x 3 Dual-Band Wireless-N Access Point WNDAP660 Table 24. IDS/IPS policies and policy rules Policy Description Policy Rule Threshold Notification Authentication flood • • • Attack. Multiple authentication requests (5 or more) that use 5 spoofed MAC addresses of legitimate clients are sent to the wireless access point. Result. The client association table overflows, causing authentication requests from legitimate clients to be denied. Solution. The oldest clients that are stuck in the authentication phase are removed from the table. Trap Association flood • Attack. Multiple association requests (5 or more) that use 5 spoofed MAC addresses of legitimate clients are sent to the wireless access point. • Result. The client association table overflows, causing association requests from legitimate clients to be denied. • Solution. The oldest associations are removed from the table. Trap Unauthenticated association • Attack. Multiple unauthenticated association requests (5 or 5 more) that use spoofed MAC addresses of legitimate clients are sent to the wireless access point. • Result. The client association table overflows, causing authentication requests from legitimate clients to be denied. • Solution. The oldest clients that are stuck in the authentication phase are removed from the table. Trap Association table overflow • Attack. Multiple clients (5 or more) that use spoofed MAC 5 addresses of legitimate clients attempt to connect to the wireless access point. • Result. The client association table overflows, causing association requests from legitimate clients to be denied. • Solution. The oldest associations are removed from the table. Trap Authentication failure attack • Attack. Multiple invalid authentication requests (5 or more) that 5 use the spoofed MAC address of a legitimate client are sent to the wireless access point. • Result. The client is disconnected from the wireless access point. • Solution. The wireless access point determines if the legitimate client is already connected before processing an authentication request. Trap Deauthentication broadcast attack • Attack. Multiple deauthentication frames (5 or more) that use 5 the spoofed MAC address of the wireless access point are sent to legitimate clients. • Result. Clients are disconnected from the wireless access point. Trap Note: The IDS detects this attack, but the IPS does not take action against this attack. Management and Monitoring 90

Section	Page
ProSafe Premium 3 x 3 Dual-Band Wireless-N Access Point WNDAP660	1
Contents	3
1. Introduction	6
About the ProSafe Premium 3 x 3 Dual-Band Wireless-N Access Point WNDAP660	6
What Is in the Box?	7
System Requirements	8
Key Features and Standards	8
Supported Standards and Conventions	8
Key Features	9
802.11b/g/n and 802.11a/n Standards–Based Wireless Networking	11
Autosensing Ethernet Connections with Auto Uplink	11
Hardware Description	11
Top Panel	12
Rear Panel	13
Bottom Panel with Product Label	14
Register the Wireless Access Point	14
2. Installation and Basic Configuration	17
What You Need Before You Begin	17
Wireless Equipment Placement and Range Guidelines	17
Ethernet Cabling Requirements	18
LAN Configuration Requirements	18
Hardware Requirements for Computers on Your LAN	19
Operating Frequency (Channel) Guidelines	19
Requirements for Entering IP Addresses	19
Install and Configure the Wireless Access Point	20
Connect the Wireless Access Point to a Computer	20
Log In to the Wireless Access Point	22
Configure Basic General System Settings and Time Settings	23
Configure the IPv4 Settings	25
Configure the Optional DHCPv4 Server	27
Configure the Basic Wireless Settings	28
Test Basic Wireless Connectivity	34
Mount the Wireless Access Point	35
Ceiling Installation	35
Wall Installation	38
Desk Installation	41
3. Wireless Configuration and Security	42
Wireless Data Security Options	42
Security Profiles	44
Before You Change the SSID, WEP, and WPA Settings	46
Configure and Enable Security Profiles	48
Configure RADIUS Server Settings	57
Restrict Wireless Access by MAC Address	60
Schedule the Wireless Radios to Be Turned Off	61
Configure Basic Wireless Quality of Service	62
4. Management and Monitoring	64
Enable Remote Management	64
SNMP Management	64
Secure Shell and Telnet Management	66
Upgrade the Wireless Access Point Software	67
Web Browser Upgrade Procedure	68
TFTP Server Upgrade Procedure	69
Manage the Configuration File or Reset to Factory Defaults	70
Save the Configuration	70
Restore the Configuration	71
Restore the Wireless Access Point to the Factory Default Settings	71
Reboot the Wireless Access Point without Restoring the Default Configuration	73
Change the Administrator Password	74
Manage User Accounts	75
Enable the Syslog Server	76
Monitor the Wireless Access Point	77
View System Information	77
Monitor Wireless Stations	80
View the Activity Log	83
Traffic Statistics	83
Enable Rogue AP Detection and Monitor Access Points	85
Enable and Configure Rogue AP Detection	85
View and Save Access Point Lists	87
Configure Wireless Intrusion Detection and Prevention	89
Configure Wireless Intrusion Detection and Prevention Policy Settings	89
Configure Wireless Intrusion Detection and Prevention Mail Settings	95
Monitor Traps, Counters, and Ad Hoc Networks	96
5. Advanced Configuration	99
Configure IPv6 Settings and Optional DHCPv6 Server Settings	99
Configure the IPv6 Settings	99
Configure the Optional DHCPv6 Server	101
Configure Spanning Tree Protocol, 802.1Q VLAN, and Link Layer Discovery Protocol	103
Configure STP and VLANs	103
Configure Ethernet LLDP	105
Configure Hotspot Settings	106
Configure Advanced Wireless Settings	107
Configure Advanced Quality of Service Settings	111
Configure Quality of Service Policies	113
Configure Wireless Bridging	119
Configure a Point-to-Point Wireless Network	119
Configure a Point-to-Multipoint Wireless Network	123
Configure the Wireless Access Point to Repeat the Wireless Signal Using Point-to-Multipoint Bridge Mode	127
6. Troubleshooting	132
Basic Functioning	133
Verify the Correct Sequence of Events at Startup	133
No LEDs Are Lit on the Wireless Access Point	133
The Active LED or the LAN LED Is Not Lit	134
The WLAN LED Does Not Light Up	134
You Cannot Access the Internet or the LAN from a Wireless-Capable Computer	135
You Cannot Configure the Wireless Access Point from a Browser	135
When You Enter a URL or IP Address a Time-Out Error Occurs	136
Troubleshoot a TCP/IP Network Using the Ping Utility	136
Test the LAN Path to Your Wireless Access Point	137
Test the Path from Your Computer to a Remote Device	138
Problems with Date and Time	138
Use the Packet Capture Tool	139
A. Supplemental Information	140
Technical Specifications	140
Factory Default Settings	143
B. Command-Line Reference	147
C. Notification of Compliance	163

Match case Limit results 1 per page

Management and Monitoring

ProSafe Premium 3 x 3 Dual-Band Wireless-N Access Point WNDAP660

Table 24.

IDS/IPS policies and policy rules

Policy

Description

Policy Rule

Threshold

Notification

Authentication flood

•

Attack

. Multiple authentication requests (5 or more) that use

spoofed MAC addresses of legitimate clients are sent to the

wireless access point.

•

Result

. The client association table overflows, causing

authentication requests from legitimate clients to be denied.

•

Solution

. The oldest clients that are stuck in the authentication

phase are removed from the table.

Trap

Association flood

•

Attack

. Multiple association requests (5 or more) that use

spoofed MAC addresses of legitimate clients are sent to the

wireless access point.

•

Result

. The client association table overflows, causing

association requests from legitimate clients to be denied.

•

Solution

. The oldest associations are removed from the table.

Trap

Unauthenticated

association

•

Attack

. Multiple unauthenticated association requests (5 or

more) that use spoofed MAC addresses of legitimate clients are

sent to the wireless access point.

•

Result

. The client association table overflows, causing

authentication requests from legitimate clients to be denied.

•

Solution

. The oldest clients that are stuck in the authentication

phase are removed from the table.

Trap

Association table

overflow

•

Attack

. Multiple clients (5 or more) that use spoofed MAC

addresses of legitimate clients attempt to connect to the

wireless access point.

•

Result

. The client association table overflows, causing

association requests from legitimate clients to be denied.

•

Solution

. The oldest associations are removed from the table.

Trap

Authentication

failure attack

•

Attack

. Multiple invalid authentication requests (5 or more) that

use the spoofed MAC address of a legitimate client are sent to

the wireless access point.

•

Result

. The client is disconnected from the wireless access

point.

•

Solution

. The wireless access point determines if the legitimate

client is already connected before processing an authentication

request.

Trap

Deauthentication

broadcast attack

•

Attack

. Multiple deauthentication frames (5 or more) that use

the spoofed MAC address of the wireless access point are sent

to legitimate clients.

•

Result

. Clients are disconnected from the wireless access

point.

Note:

The IDS detects this attack, but the IPS does not take action

against this attack.

Trap