Profiles > Ids > Impersonation - Dell PowerConnect W-Airwave Configuration Manual

W-airwave 7.1 configuration guide

Hide thumbs Also See for PowerConnect W-Airwave:

User manual (334 pages)

Configuration manual (176 pages)

Manual (50 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

page of 176

/ 176
Contents
Table of Contents
Bookmarks

Table of Contents

Profiles > IDS > Impersonation

Perform these steps to create IDS

1. Click

2. Click the

profile to edit. The

Table 35 Aruba Configuration > Profiles > IDS > Impersonation Settings

Field

General Settings

Folder

Name

Other Settings

Detect AP

Impersonation

Protect from AP

Impersonation

Beacon Diff

Threshold (0-100%)

Beacon Increase

Wait Time

(0-360000 sec)

Detect Sequence

Anomaly

Sequence Number

of Difference

(0-100000)

Sequence Number

Time Tolerance

(0-360000 sec)

Sequence Number

Quiet Time

(60-360000 sec)

3. Click

Impersonation

AirWave Wireless Management Suite | Configuration Guide

Profiles > IDS > Impersonation

Add

button to create a new

Details

page appears. Complete the settings as described in

Default

Top

Blank

Yes

300

900

Add

Save

. The added or edited

page.

Impersonation

profiles.

Aruba Navigation

in the

Impersonation

profile

Description

Use this field to set and display the folder with which the profile is

associated. The drop-down menu displays all folders available for

association with the profile.

Folders provide a way to organize the visibility of device parameters that is

separate from the configuration groups of devices. Using folders, you can

view basic statistics about device, and define which users have visibility to

which device parameters.

Enter the name of the impersonation profile.

Enable or disable detection of AP impersonation. In AP impersonation

attacks, the attacker sets up an AP that assumes the BSSID and ESSID of

a valid AP. AP impersonation attacks can be done for man-in-the-middle

attacks, a rogue AP attempting to bypass detection, or a honeypot attack.

When AP impersonation is detected, use this control to set both the

legitimate and impersonating AP to be disabled using a denial of service

attack.

Set the percentage increase in beacon rate that triggers an AP

impersonation event.

Set the time, in seconds, after the Beacon Diff Threshold is crossed before

an AP impersonation event is generated.

Enable or disable detection of anomalies between sequence numbers

seen in 802.11 frames. During an impersonation attack, the attacker may

spoof the MAC address of a client or AP — if two devices are active on the

network with the same MAC address, the sequence numbers in the frames

will not match since the sequence number is generated by NIC firmware.

Set the maximum allowable tolerance between sequence numbers within

the Sequence Number Time Tolerance period.

Time, in seconds, during which sequence numbers must exceed the

Sequence Number Difference value for an alarm to be triggered.

After an alarm has been triggered, the time (in seconds) that must elapse

before another identical alarm may be triggered.

Impersonation

profile appears on the

pane.

pencil

or click the

icon next to an existing

Table

Profiles > IDS >

Aruba Configuration Reference |

35:

103

Table of Contents

This manual is also suitable for:

Airwave wireless management suite

Profiles > Ids > Impersonation - Dell PowerConnect W-Airwave Configuration Manual

Related Manuals for Dell PowerConnect W-Airwave

Related Content for Dell PowerConnect W-Airwave

This manual is also suitable for:

Table of Contents