Detection - Samsung WEC8500 Operation Manual

2600-00FK1RGA4 Ver.
8.2.2

Detection

The W-EP wireless LAN system detects all the packets in a wireless LAN network,
classifies unauthorized APs and wireless terminals, and creates related alarms and logs.
The detected unauthorized APs are classified as follows according to the configured
classification policy.
Classification type
Friendly AP
Malicious AP
Unclassified AP
8.2.2.1 Configuring the friendly AP classification policy
To configure the friendly type unauthorized AP classification policy, execute the command
as follows:
Configuration using CLI
1) Go to configure  wids  rogue configuration mode of CLI.
WEC8500# configure terminal
WEC8500/configure# wids
WEC8500/configure/wids# rogue
WEC8500/configure/wids/rogue#
2) Configure the friendly type unauthorized AP policy.

add-classification-rule-friendly [RULE_NAME] enable [PRIORITY] [SSID_TYPE]
[SSID]
Parameter
RULE_NAME
PRIORITY
SSID_TYPE
© SAMSUNG Electronics Co., Ltd.
3.0
AP that is allowed to be used by an administrator among the detected
unauthorized APs
- Configures the friendly AP classification policy.
- An administrator can classify a specific AP as a friendly AP among the
manually detected unauthorized APs.
AP that is not allowed to be used by an administrator among the detected
unauthorized APs and AP that can be used maliciously
- Configures the malicious AP classification policy.
- An administrator can classify a specific AP as a malicious AP among the
manually detected unauthorized APs.
AP that is not classified as a friendly AP or a malicious AP among the
detected unauthorized APs
Classification policy name
Priority number
SSID type
- managed-ssid: SSID that is used in an authorized AP that is connected to
CHAPTER 8. Security
Description
Description
page 283 of 496