MSM7xx Controllers Configuration Guide v6.4.0
• DoS EAPOL logoff flood
• DoS EAPOL start flood
• DoS Premature EAP success
• DoS Premature EAP failure
• DoS Beacon CFP
• DoS PS-Poll
• Bridging STP
• Misbehaving clients
• Ad-hoc networks
• Bridging
Wireless client classification
Automatic classification policies also divide clients into distinct groups. (Manual classification by
the administrator is not supported.) The following classifications are supported:
• Authorized clients: Clients that are either currently associated or have previously associated
successfully with a secure VSC on a controlled AP. (Note: In this context, a secure VSC is
considered to be a VSC with any type of security enabled: WPA, 802.1X, or WEP.)
• Non-authorized clients: Clients that never successfully associated with a secure VSC.
• Mis-associated clients: Clients that have been classified as Authorized but are found to be
associated with rogue or external APs.
IDS automatically builds and maintains a database of authorized clients and tracks when each device
last associated with a secure VSC. When teaming is active, the database is replicated to other
controllers in the team. In the unlikely event that the database size limit is reached, the oldest entries
are dropped.
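The classification rules and the size-limited authorized-client database described above can be modeled as follows. This is an added example, not HP's implementation: the class, function and parameter names, the AP labels and the size limit are assumptions, and "oldest" is taken to mean least recently associated.

```python
from collections import OrderedDict

SECURE = {"WPA", "802.1X", "WEP"}  # per the guide, any of these makes a VSC "secure"

class ClientClassifier:
    def __init__(self, max_entries=1000):  # assumed limit; the guide states none
        self.max_entries = max_entries
        self.authorized = OrderedDict()    # MAC -> time of last secure association

    def observe(self, mac, ap_kind, vsc_security, associated_ok, now):
        """Classify one observed association attempt.

        ap_kind: "controlled", "rogue" or "external" (assumed labels).
        vsc_security: security type of the VSC, or None for an open VSC.
        """
        mac = mac.lower()
        if ap_kind == "controlled" and vsc_security in SECURE and associated_ok:
            self.authorized[mac] = now
            self.authorized.move_to_end(mac)         # newest entry goes last
            while len(self.authorized) > self.max_entries:
                self.authorized.popitem(last=False)  # size limit hit: drop oldest
            return "authorized"
        if mac in self.authorized:
            # Previously authorized client now associated outside the controlled network.
            if ap_kind in ("rogue", "external") and associated_ok:
                return "mis-associated"
            return "authorized"
        return "non-authorized"

def demo():
    """Run constructed observations through a two-entry database."""
    ids = ClientClassifier(max_entries=2)
    events = [  # constructed sample data (documentation MAC range)
        ("00:00:5e:00:53:01", "controlled", "WPA", True, 100),
        ("00:00:5e:00:53:02", "controlled", None, True, 110),    # open VSC
        ("00:00:5e:00:53:01", "rogue", None, True, 120),
        ("00:00:5e:00:53:03", "controlled", "WEP", True, 130),
        ("00:00:5e:00:53:04", "controlled", "802.1X", True, 140),  # evicts ...:01
        ("00:00:5e:00:53:01", "external", None, True, 150),
    ]
    return [ids.observe(*e) for e in events]

if __name__ == "__main__":
    for label in demo():
        print(label)
```

In this model the last event shows a side effect of the size limit: once a client's entry has been dropped, its association with an external AP is no longer reported as a mis-association.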
Threat detection
IDS detects and reports the following wireless threats for client devices:
• Authorized clients participating in an ad-hoc network
• Authorized client mis-associations
• Bridging: Clients in Bridging/Windows Internet Connection Sharing (ICS) configuration
• Bridging: STP detection
802.11 is susceptible to a variety of denial-of-service (DoS) attacks that will impact the performance
and reliability of a wireless network. IDS detects and reports the following DoS attacks:
• Disassociation flood attack in progress
• Disassociation broadcast attack in progress
• Association flood attack in progress
• Deauthentication flood attack in progress