Reference Guide

ManualsBrandsDell ManualsTVs & monitorsW-620

301

302

303

304

305

306

307

308

309

310

306 | ids unauthorized-device-profile Dell PowerConnect W-Series ArubaOS 6.2 | Reference Guide

Parameter Description Range Default

wired side of the network. Any other AP seen in the

RF environment that is not part of the valid

enterprise network is considered to be interfering

— it has the potential to cause RF interference but

it is not connected to the wired network and thus

does not represent a direct threat.

clone

Name of an existing IDS rate thresholds profile from

which parameter values are copied.

— —

detect-adhoc-network

Enable detection of adhoc networks. — false

detect-adhoc-using-valid-

ssid

Enable/disable detection of adhoc networks using

valid/protected SSIDs

— enable

detect-bad-wep

Enables detection of WEP initialization vectors that

are known to be weak and/or repeating. A primary

means of cracking WEP keys is to capture 802.11

frames over an extended period of time and search

for implementations that are still used by many

legacy devices.

— false

detect-ht-greenfield

Enables or disables detection of high-throughput

devices advertising greenfield preamble capability.

— false

detect-invalid-mac-oui

Enables checking of the first three bytes of a MAC

address, known as the organizationally unique

identifier (OUI), assigned by the IEEE to known

manufacturers. Often clients using a spoofed MAC

address do not use a valid OUI and instead use a

randomly generated MAC address. Enabling MAC

OUI checking causes an alarm to be triggered if an

unrecognized MAC address is in use.

— false

detect-misconfigured-ap

Enables detection of misconfigured APs. An AP is

classified as misconfigured if it is classified as valid

and does not meet any of the following configurable

parameters:

- valid channels

- encryption type

- list of valid AP MAC OUIs

- valid SSID list

— false

detect-sta-assoc-to-rogue

Enable/disable detection of station association to

rogue AP.

enable

detect-unencrypted-valid-

client

Enable/disable detection of unencrypted valid

clients.

— enable

detect-valid-client-m

isassociation

Enable/disable detection of misassociation between

a valid client and an unsafe AP. This setting can

detect the following misassociation types:

l MisassociationToRogueAP

l MisassociationToExternalAP

l MisassociationToHoneypotAP

l MisassociationToAdhocAP

l MisassociationToHostedAP

— enable