Reference Guide

ManualsBrandsDell ManualsAccess PlatformsW-IAP175P/AC

121

122

123

124

125

126

127

128

129

130

128 | ids Dell Networking W-Series Instant 6.4.0.2-4.1 | CLI Reference Guide

l Client Detection Policies— Specifies the policy for detecting wireless attacks on clients

l Infrastructure Protection Policies— Specifies the policy for protecting access points from wireless attacks.

l Client Protection Policies— Specifies the policy for protecting clients from wireless attacks.

l Containment Methods— Prevents unauthorized stations from connecting to your Instant network.

Each of these options contains several default levels that enable different sets of policies. An administrator can

customize enable or disable these options accordingly. The following levels of detection can be configured:

l Off

l Low

l Medium

l High

Example

The following example configures detection and protection policies:

(Instant AP)(config)# ids

(Instant AP)(IDS)# infrastructure-detection-level low

(Instant AP)(IDS)# client-detection-level low

(Instant AP)(IDS)# infrastructure-protection-level low

(Instant AP)(IDS)# client-protection-level low

(Instant AP)(IDS)# wireless-containment deauth-only

(Instant AP)(IDS)# wired-containment

(Instant AP)(IDS)# detect-ap-spoofing

(Instant AP)(IDS)# detect-windows-bridge

(Instant AP)(IDS)# signature-deauth-broadcast

(Instant AP)(IDS)# signature-deassociation-broadcast

(Instant AP)(IDS)# detect-adhoc-using-valid-ssid

(Instant AP)(IDS)# detect-malformed-large-duration

(Instant AP)(IDS)# detect-ap-impersonation

(Instant AP)(IDS)# detect-adhoc-network

(Instant AP)(IDS)# detect-valid-ssid-misuse

(Instant AP)(IDS)# detect-wireless-bridge

(Instant AP)(IDS)# detect-ht-40mhz-intolerance

(Instant AP)(IDS)# detect-ht-greenfield

(Instant AP)(IDS)# detect-ap-flood

(Instant AP)(IDS)# detect-client-flood

(Instant AP)(IDS)# detect-bad-wep

(Instant AP)(IDS)# detect-cts-rate-anomaly

(Instant AP)(IDS)# detect-rts-rate-anomaly

(Instant AP)(IDS)# detect-invalid-addresscombination

(Instant AP)(IDS)# detect-malformed-htie

(Instant AP)(IDS)# detect-malformed-assoc-req

(Instant AP)(IDS)# detect-malformed-frame-auth

(Instant AP)(IDS)# detect-overflow-ie

(Instant AP)(IDS)# detect-overflow-eapol-key

(Instant AP)(IDS)# detect-beacon-wrong-channel

(Instant AP)(IDS)# detect-invalid-mac-oui

(Instant AP)(IDS)# detect-valid-clientmisassociation

(Instant AP)(IDS)# detect-disconnect-sta

(Instant AP)(IDS)# detect-omerta-attack

(Instant AP)(IDS)# detect-fatajack

(Instant AP)(IDS)# detect-block-ack-attack

(Instant AP)(IDS)# detect-hotspotter-attack

(Instant AP)(IDS)# detect-unencrypted-valid

(Instant AP)(IDS)# detect-power-save-dos-attack

(Instant AP)(IDS)# detect-eap-rate-anomaly

(Instant AP)(IDS)# detect-rate-anomalies

(Instant AP)(IDS)# detect-chopchop-attack