Profiles > Ids > Denial Of Service > Rate Threshold - Dell PowerConnect W-Airwave Configuration Manual

W-airwave 7.1 configuration guide

Hide thumbs Also See for PowerConnect W-Airwave:

User manual (334 pages)

Configuration manual (176 pages)

Manual (50 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

page of 176

/ 176
Contents
Table of Contents
Bookmarks

Table of Contents

Table 33 Aruba Configuration > Profiles > IDS > Denial of Service Profile Settings (Continued)

Field

AP Flood Increase

Time

AP Flood Detection

Quiet Time

Detect EAP Rate

Anomaly

EAP Rate

Thresholds

EAP Rate Time

Interval

EAP Rate Quiet

Time

Detect Rate

Anomalies

Detect 802.11n

40MHz Intolerance

Setting

Client 40 MHz

Intolerance

Detection Quiet

Time

3. Click

profiles page.

Profiles > IDS > Denial of Service > Rate Threshold

The IDS rate threshold profile defines thresholds assigned to the different frame types for rate anomaly

checking. A profile of this type is attached to each of the following 802.11 frame types in the IDS Denial of

Service profile:

Association frames

Disassociation frames

Deauthentication frames

Probe Request frames

Probe Response frames

Authentication frames

A channel threshold applies to an entire channel, while a node threshold applies to a particular client MAC

address. Aruba provides predefined default IDS rate thresholds profiles for each of these types of frames.

Default values depend upon the frame type.

Perform these steps to create Rate Threshold Profiles for use with

1. Click

summarizes the current thresholds available.

2. Click the

threshold to edit. The

AirWave Wireless Management Suite | Configuration Guide

Default

900

Yes

900

Add

Save

. The added or edited

Profiles > IDS > Denial of Service > Rate Thresholds

Add

button to create a new

Details

page appears. Complete the settings as described in

Description

Sets the time, in seconds, during which a configured number of Fake AP

beacons must be received to trigger an alarm.

After an alarm has been triggered by a Fake AP flood, the time (in seconds)

that must elapse before an identical alarm may be triggered.

Enables or disables Extensible Authentication Protocol (EAP) handshake

analysis to detect an abnormal number of authentication procedures on a

channel and generates an alarm when this condition is detected.

Sets the number of EAP handshakes that must be received within the EAP

Rate Time Interval to trigger an alarm.

Sets the time, in seconds, during which the configured number of EAP

handshakes must be received to trigger an alarm.

After an alarm has been triggered, sets the time (in seconds) that must

elapse before another identical alarm may be triggered.

Enables or disables detection of rate anomalies.

Enables or disables detection of 802.11n 40 MHz intolerance setting,

which controls whether stations and APs advertising 40 MHz intolerance

will be reported.

Controls the quiet time (when to stop reporting intolerant STAs if they have

not been detected), in seconds, for detection of 802.11n 40 MHz

intolerance setting.

Denial of Service

profile appears on the

in the

Rate Threshold

, or click the

IDS > Denial of Service

Denial of Service

profiles.

Aruba Navigation

pane. This page

pencil

icon next to an existing

Table

Aruba Configuration Reference |

34:

101

Table of Contents

This manual is also suitable for:

Airwave wireless management suite

Profiles > Ids > Denial Of Service > Rate Threshold - Dell PowerConnect W-Airwave Configuration Manual

Related Manuals for Dell PowerConnect W-Airwave

Related Content for Dell PowerConnect W-Airwave

This manual is also suitable for:

Table of Contents