D-Link DWL-8600AP User Manual page 633

D-Link UWS User Manual
Field
Standalone AP with
unexpected configuration
Unexpected WDS device
detected on network
Unmanaged AP detected on
wired network
Rogue Detected Trap Interval Specify the interval, in seconds, between transmissions of the SNMP trap
Wired Network Detection
Interval
AP De-Authentication Attack
Command Buttons
The page includes the following buttons:
• Submit—Updates the switch with the values you enter. To retain the new values across a power cycle,
you must perform a save (Tool > Save Changes).
• Refresh—Updates the page with the latest information.
D-Link
Oct. 2015
Table 362: WIDS AP Configuration (Cont.)
Description
If the AP is classified as a known standalone AP, then the switch checks
whether the AP is operating with the expected configuration parameters.
You configure the expected parameters for the standalone AP in the local or
RADIUS Valid AP database.
This test may detect network misconfiguration as well as potential intrusion
attempts.The following parameters are checked:
• Channel Number
• SSID
• Security Mode
• WDS Mode
• Presence on a wired network
If the AP is classified as a Managed or Unknown AP and wireless distribution
system (WDS) traffic is detected on the AP, then the AP is considered to be
Rogue.
Only stand-alone APs that are explicitly allowed to operate in WDS mode are
not reported as rogues by this test.
This test checks whether the AP is detected on the wired network. If the AP
state is Unknown, then the test changes the AP state to Rogue. The flag
indicating whether AP is detected on the wired network is reported as part of
the RF Scan report. If AP is managed and is detected on the network then the
switch simply reports this fact and doesn't change the AP state to Rogue.
In order for the wireless system to detect this threat, the wireless network
must contain one or more radios that operate in sentry mode.
telling the administrator that rogue APs are present in the RF Scan database.
If you set the value to 0, the trap is never sent.
Specify the number of seconds that the AP waits before starting a new wired
network detection cycle. If you set the value to 0, wired network detection is
disabled.
Enable or disable the AP de-authentication attack.
The wireless switch can protect against rogue APs by sending de-
authentication messages to the rogue AP. The de-authentication attack
feature must be globally enabled in order for the wireless system to do this
function. Make sure that no legitimate APs are classified as rogues before
enabling the attack feature. This feature is disabled by default.
Configuring Advanced Settings
Unified Wired and Wireless Access System
Page 633