NETGEAR ProSafe Premium WNDAP620 Reference Manual page 93

Prosafe premium 3 x 3 dual-band wireless-n access point

Hide thumbs Also See for ProSafe Premium WNDAP620:

Installation manual (2 pages)

Installation manual (28 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

Table of Contents

ProSafe Premium 3 x 3 Dual-Band Wireless-N Access Point WNDAP620

Table 24. IDS/IPS policies and policy rules (continued)

Policy

Description

Known client

•

Detection. Clients that should be connected to the secured

associating with

wireless network are instead connected to wireless access

ad-hoc network

points that are part of an ad hoc network.

•

Result. Wireless security might be compromised.

•

Solution. The clients are disconnected from the ad hoc

network.

AP property

•

Detection. Unauthorized changes such as a change of SSID,

changed

security settings, or channel are made on a known wireless

access point in the network.

•

Result. Wireless security is compromised and clients cannot

connect to the wireless access point.

Note:

access point in the network are changed, but the IPS does not take

action.

The changes that the IDS detects are listed in a table. The affected

wireless access point is identified by its MAC address. To correct

the situation, access the web management interface of the affected

wireless access point, and reverse the changes.

To remove the detected changes from the table:

1. Select the check box to the left of the wireless access point for

which you want to remove the changes from the table.

2. Above the table, click Delete.

Device probing for

•

Detection. Multiple probe requests (30 or more) are sent to

access points

collect information about the wireless access point for possible

future attacks. For example, it is suspect when there are too

many probe requests with a different SSID from same MAC

address.

•

Result. An attack might occur, or wireless security might

become compromised.

•

Solution. The wireless access point does not respond to probe

requests that do not contain its SSID.

PS poll flood attack

•

Attack. Multiple power save (PS)–Poll frames (50 or more) are

sent to the wireless access point from an address that has a

spoofed MAC address of a legitimate client.

•

Result. Traffic that is intended for the legitimate client is sent to

the attacking address and is lost.

•

Solution. PS-Poll frames without a corresponding traffic

indication map (TIM) are rejected.

The IDS detects that the properties of a known wireless

Management and Monitoring

Policy Rule

Threshold

Notification

Trap

Table of Contents

NETGEAR ProSafe Premium WNDAP620 Reference Manual page 93

Related Manuals for NETGEAR ProSafe Premium WNDAP620

Related Products for NETGEAR ProSafe Premium WNDAP620

Table of Contents