D-Link DWC-1000 User Manual page 74

Section 6 - Securing Your Network
2. Enable or disable the security options as desired (refer to the table below) and click Save.
Field
not Present in oUi Database
test
not Present in Known Client
Database test
Configured Authentication rate
test
Configured Probe requests
rate test
Configured De-Authentication
requests rate test
Maximum Authentication
Failures test
Authentication with Unknown
AP test
Client threat Mitigation
Known Client Database lookup
Method
Known Client Database radius
server name
rogue Detected trap interval
De-Authentication requests
threshold interval
De-Authentication requests
threshold Value
Authentication requests
threshold interval
Authentication requests
threshold Value
Probe requests threshold
interval
Probe requests threshold Value
Authentication Failure
threshold Value
D-Link DWC-1000 User Manual
This test checks whether the MAC address of the client is from a registered
manufacturer identified in the OUI database.
This test checks whether the client, which is identified by its MAC address, is listed
in the Known Client Database and is allowed access to the AP either through the
Authentication Action of Grant or through the White List global action.
If the client is in the Known Client Database and has an action of Deny, or if the
action is Global Action and it is globally set to Black List, the client fails this test.
This test checks whether the client has exceeded the configured rate for transmitting
802.11 authentication requests.
This test checks whether the client has exceeded the configured rate for transmitting
probe requests.
This test checks whether the client has exceeded the configured rate for transmitting
de‐authentication requests.
This test checks whether the client has exceeded the maximum number of failed
authentications.
This test checks whether a client in the Known Client database is authenticated with
an unknown AP.
Select enable to send de‐authentication messages to clients that are in the Known
Clients database but are associated with unknown APs. The Authentication with
Unknown AP Test must also be enabled in order for the mitigation to take place.
Select disable to allow clients in the Known Clients database to remain authenticated
with an unknown AP.
When the controller detects a client on the network it performs a lookup in the
Known Client database. Specify whether the controller should use the local or
RADIUS database for these lookups.
If the known client database lookup method is RADIUS then this field specifies the
RADIUS server name.
Specify the interval, in seconds, between transmissions of the SNMP trap telling the
administrator that rogue APs are present in the RF Scan database. If you set the
value to 0, the trap is never sent.
Specify the number of seconds an AP should spend counting the de‐authentication
messages sent by wireless clients.
If the controller receives more than specified messages during the threshold interval
the test triggers.
Specify the number of seconds an AP should spend counting the authentication
messages sent by wireless clients.
If the controller receives more than specified messages during the threshold interval
the test triggers.
Specify the number of seconds an AP should spend counting the probe messages
sent by wireless clients.
Specify the number of probe requests a wireless client is allowed to send during the
threshold interval before the event is reported as a threat.
Specify the number of 802.1X authentication failures a client is allowed to have
before the event is reported as a threat.
Description
74