Configure Wireless Intrusion Detection And Prevention; Configure Wireless Intrusion Detection And Prevention Policy Settings - NETGEAR ProSafe Premium WNDAP620 Reference Manual

Prosafe premium 3 x 3 dual-band wireless-n access point

Hide thumbs Also See for ProSafe Premium WNDAP620:

Installation manual (2 pages)

Installation manual (28 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

Table of Contents

ProSafe Premium 3 x 3 Dual-Band Wireless-N Access Point WNDAP620

Configure Wireless Intrusion Detection and Prevention

•

Configure Wireless Intrusion Detection and Prevention Policy Settings

•

Configure Wireless Intrusion Detection and Prevention Mail Settings

•

Monitor Traps, Counters, and Ad Hoc Networks

Configure Wireless Intrusion Detection and Prevention Policy

Settings

The wireless access point provides a wireless intrusion detection system (WIDS) and

wireless intrusion prevention system (WIPS) to detect and mitigate wireless attacks. These

intrusion systems are referred to as IDS/IPS.

If enabled, the IDS recognizes multiple types of wireless attacks, and the IPS automatically

neutralizes many attacks. Attacks are covered by preconfigured policy rules. When an attack

occurs, the wireless access point can notify a network administrator though an email.

The following table lists all IDS/IPS policies with their policy rules. Most of these policies

provide protection against denial of service (DoS) attacks. You can enable or disable IDS/IPS

policies, but both the policies and the policy rules are not configurable.

All thresholds are measured over a short period. For the IDS/IPS to send a notification according

to the policy rule, you first need to configure the email settings (see

Detection and Prevention Mail Settings

Table 24. IDS/IPS policies and policy rules

Policy

Authentication flood •

Association flood

on page 95).

Description

Attack. Multiple authentication requests (5 or more) that use

spoofed MAC addresses of legitimate clients are sent to the

wireless access point.

•

Result. The client association table overflows, causing

authentication requests from legitimate clients to be denied.

•

Solution. The oldest clients that are stuck in the authentication

phase are removed from the table.

•

Attack. Multiple association requests (5 or more) that use

spoofed MAC addresses of legitimate clients are sent to the

wireless access point.

•

Result. The client association table overflows, causing

association requests from legitimate clients to be denied.

•

Solution. The oldest associations are removed from the table.

Management and Monitoring

Configure Wireless Intrusion

Policy Rule

Threshold

Notification

Trap

Table of Contents

Configure Wireless Intrusion Detection And Prevention; Configure Wireless Intrusion Detection And Prevention Policy Settings - NETGEAR ProSafe Premium WNDAP620 Reference Manual

Configure Wireless Intrusion Detection and Prevention

Configure Wireless Intrusion Detection and Prevention Policy Settings

Related Manuals for NETGEAR ProSafe Premium WNDAP620

Related Content for NETGEAR ProSafe Premium WNDAP620

Table of Contents