Dell PowerConnect W-IAP3WN/P User Manual Page 296
- Page / 377
- Table of contents
- TROUBLESHOOTING
- BOOKMARKS
Rated. / 5. Based on customer reviews
Dell Networking W-Series Instant 6.4.0.2-4.1 | User Guide Intrusion Detection | 296
Chapter 22
Intrusion Detection
The Intrusion Detection System (IDS) is a feature that monitors the network for the presence of unauthorized W-
IAPs and clients. It also logs information about the unauthorized W-IAPs and clients, and generates reports based
on the logged information.
The IDS feature in the Instant network enables you to detect rogue APs, interfering APs, and other devices that can
potentially disrupt network operations.
This chapter describes the following procedures:
l Detecting and Classifying Rogue APs on page 296
l OS Fingerprinting on page 296
l Configuring Wireless Intrusion Protection and Detection Levels on page 297
l Configuring IDSUsing CLI on page 301
Detecting and Classifying Rogue APs
A rogue AP is an unauthorized AP plugged into the wired side of the network.
An interfering AP is an AP seen in the RF environment but it is not connected to the wired network. While the
interfering AP can potentially cause RF interference, it is not considered a direct security threat, because it is not
connected to the wired network. However, an interfering AP may be reclassified as a rogue AP.
To detect the rogue APs, click the IDS link in the Instant main window. The built-in IDS scans for access points that
are not controlled by the Virtual Controller. These are listed and classified as either Interfering or Rogue, depending
on whether they are on a foreign network or your network.
Figure 110 Intrusion Detection
OS Fingerprinting
The OS Fingerprinting feature gathers information about the client that is connected to the Instant network to find the
operating system that the client is running on. The following is a list of advantages of this feature:
l Identifying rogue clients— Helps to identify clients that are running on forbidden operating systems.
l Identifying outdated operating systems— Helps to locate outdated and unexpected OS in the company network.
l Locating and patching vulnerable operating systems— Assists in locating and patching specific operating system
versions on the network that have known vulnerabilities, thereby securing the company network.
OS Fingerprinting is enabled in the Instant network by default. The following operating systems are identified by
Instant:
l Windows 7
- User Guide 1
- Dell Networking W-Series 1
- Instant 6.4.0.2-4.1 1
- Contents 3
- Instant User Interface 44 4
- In the Instant UI 79 6
- In the CLI 79 6
- In the Instant UI 81 6
- In the CLI 82 6
- Customizing W-IAP Settings 84 7
- VLAN Configuration 92 8
- Wireless Network Profiles 93 8
- Wired Profiles 112 9
- In the CLI 132 10
- Example 135 10
- In the Instant UI 141 11
- In the CLI 142 11
- In the Instant UI 142 11
- In the CLI 143 11
- Roles and Policies 176 14
- DHCP Configuration 201 16
- VPN Configuration 210 17
- IAP-VPN Deployment 223 17
- Adaptive Radio Management 232 18
- Example 249 19
- Voice and Video 251 20
- Services 255 20
- In the Instant UI 272 21
- In the CLI 272 21
- In the CLI 273 21
- Uplink Configuration 285 22
- Intrusion Detection 296 23
- Mesh W-IAP Configuration 303 23
- Spectrum Monitor 309 24
- W-IAP Maintenance 317 24
- Hotspot Profiles 338 25
- ClearPass Guest Setup 352 26
- Terminology 373 27
- Intended Audience 28
- Related Documents 28
- Conventions 28
- Contacting Dell 29
- Instant Overview 30
- Instant UI 31
- Instant CLI 31
- New Features in 6.4.0.2-4.1 33
- Setting up Instant Network 35
- Assigning a Static IP 36
- W-IAP Cluster 36
- Logging in to the Instant UI 37
- Regulatory Domains 38
- Code Country Name 39
- Accessing the Instant CLI 41
- Connecting to a CLI Session 42
- Sequence-Sensitive Commands 43
- Login Screen 44
- Main Window 45
- Networks Tab 46
- Access Points Tab 46
- Clients Tab 47
- New Version Available 47
- Security 50
- Maintenance 51
- Monitoring 57
- Table 9: 58
- RF Dashboard Icons 60
- Table 11: 62
- Table 12: 63
- Table 13: 65
- Spectrum 67
- Types of Alerts 68
- Figure 23 Client Alerts 69
- Figure 24 Fault History 69
- Figure 25 Active Faults 69
- Alerts list 70
- AirGroup 72
- Configuration 72
- W-AirWave Setup 73
- Pause/Resume 73
- Basic Configuration Tasks 74
- Configuring a Preferred Band 75
- Configuring Timezone 76
- Configuring an NTP Server 76
- Enabling AppRF Visibility 77
- Changing Password 77
- Configuring Auto Join Mode 79
- Configuring Terminal Access 80
- Configuring Console Access 80
- Configuring LED Display 81
- Modifying the W-IAP Hostname 84
- Configuring External Antenna 86
- Master Election Protocol 89
- (Instant AP)# iap-master 90
- (Instant AP)# show ap-env 90
- Antenna Type:Internal 90
- Adding a W-IAP to the Network 91
- Chapter 7 92
- VLAN Configuration 92
- Chapter 8 93
- Wireless Network Profiles 93
- WLAN Configuration Parameters 95
- Figure 37 Security Tab: Open 100
- Parameter Description 101
- Security Level 101
- Table 21: 101
- In the Instant UI 105
- In the CLI 105
- Opportunistic Key Caching 106
- Extended Capabilities IE 109
- RRM enabled capabilities IE 109
- Editing a WLAN SSID Profile 110
- Deleting a WLAN SSID Profile 111
- Configuring a Wired Profile 112
- Editing a Wired Profile 117
- Deleting a Wired Profile 118
- Understanding Captive Portal 120
- Walled Garden 121
- Parameters Description 122
- Managing W-IAP Users 140
- (Instant AP)(config)# end 143
- (Instant AP)# commit apply 143
- 802.1X authentication 147
- MAC authentication 147
- Captive Portal Authentication 148
- WISPr authentication 148
- Internal RADIUS Server 150
- External RADIUS Server 150
- WPA and WPA2 154
- WPA and WPA2 Features 155
- Table 32: 158
- Table 33: 159
- Enabling Dynamic RADIUS Proxy 161
- Blacklisting Clients 171
- Uploading Certificates 173
- Firewall Policies 176
- <eport> src-nat 179
- Configuring ALG Protocols 181
- Managing Inbound Traffic 183
- Table 36: 184
- Content Filtering 186
- Enabling Content Filtering 187
- Configuring User Roles 190
- In the CLI: 191
- Configuring Derivation Rules 192
- Understanding VLAN Assignment 194
- Vendor Specific Attributes 195
- User Role 196
- VLANs Created for an SSID 196
- Creating a User VLAN Role 199
- Configuring DHCP Scopes 201
- Name Description 202
- Table 38: 202
- Understanding VPN Features 210
- Mobility Controller 210
- Configuring an L2TPv3 Tunnel 215
- To view L2TPv3 configuration: 219
- To view L2TPV3 tunnel status: 219
- To view L2TPv3 tunnel config: 220
- Configuring Routing Profiles 221
- Chapter 15 223
- IAP-VPN Deployment 223
- IAP-VPN Forwarding Modes 224
- L3 Routing Mode 225
- Configuring DHCP Profiles 226
- OSPF Configuration 227
- VPN Configuration 229
- Branch-ID Allocation 230
- Branch Status Verification 230
- Branch Details 231
- ARM Overview 232
- Band Steering 233
- Airtime Fairness Mode 233
- Client Match 234
- Access Point Control 236
- Verifying ARM Configuration 237
- Deep Packet Inspection 241
- Application Visibility 242
- Application Charts 243
- Web Categories Charts 245
- Web Reputation Charts 245
- Chapter 18 251
- Voice and Video 251
- Configuring WMM-DSCP Mapping 252
- Port Packet Type 254
- Table 52: 254
- AirGroup Configuration 255
- DLNA UPnP Support 257
- AirGroup Features 258
- AirGroup Services 259
- AirGroup Components 260
- Creating a RADIUS Server 263
- Assign a Server to AirGroup 263
- Change of Authorization (CoA) 263
- ALE with Instant 265
- Integration with Instant 267
- CALEA Server Integration 270
- Client Traffic Replication 271
- Creating a CALEA Profile 272
- Verifying the configuration 273
- To verify the configuration: 274
- Chapter 20 275
- Trending Reports 276
- Intrusion Detection System 276
- Shared Key 278
- Figure 107 W-AirWave —Monitor 284
- Uplink Interfaces 285
- Cellular Uplink 287
- Wi-Fi Uplink 291
- Enforcing Uplinks 292
- Setting an Uplink Priority 293
- Enabling Uplink Preemption 293
- (Instant AP)(uplink)# end 294
- OS Fingerprinting 296
- Table 55: 298
- Client Detection Policies 299
- Client Protection Policies 300
- Configuring IDSUsing CLI 301
- Mesh Network Overview 303
- Mesh Points 304
- Layer-3 Mobility Overview 306
- Configuring L3-Mobility 307
- Understanding Spectrum Data 309
- Non Wi-Fi Interferers 310
- Non Wi-Fi Interferer Types 311
- Channel Details 312
- Channel Metrics 313
- Spectrum Alerts 314
- Upgrading a W-IAP 317
- Upgrading an Image Using CLI 319
- Viewing Current Configuration 319
- Backing up Configuration Data 320
- Restoring Configuration 320
- Table 63: 321
- Rebooting the W-IAP 325
- Configuring SNMP 327
- Configuring a Syslog Server 330
- Logging Levels 331
- Configuring TFTP Dump Server 332
- Support Commands 333
- Chapter 28 338
- Hotspot Profiles 338
- Configuring Hotspot Profiles 339
- Venue Types 342
- Configuring a 3GPP Profile 344
- Configuring a Domain Profile 344
- Creating a Hotspot Profile 346
- Table 69: 347
- Sample Configuration 349
- ClearPass Guest Setup 352
- Troubleshooting 355
- IAP-VPN Deployment Scenarios 356
- Redundancy 357
- Table 72: 358
- Datacenter Configuration 359
- AP Configuration 361
- Table 73: 362
- Topology 364
- Table 74: 366
- Table 75: 370
- Acronyms and Abbreviations 373
- Glossary 374
- List of Terms 375
Related products and manuals for Networking Dell PowerConnect W-IAP3WN/P
Networking Dell 3-DNS Setup Guide
(16 pages)
(16 pages)
Networking Dell PowerEdge T410 User Manual
(19 pages)
(19 pages)
Networking Dell DPND-523-EN12 User Manual
(16 pages)
(16 pages)
Networking Dell PowerEdge R310 User Manual
(14 pages)
(14 pages)
Networking Dell PowerEdge R820 User Manual
(17 pages)
(17 pages)
Networking Dell MD1120 User Manual
(17 pages)
(17 pages)
Networking Dell PowerEdge M915 User Manual
(24 pages)
(24 pages)
Networking Dell M4001F User Manual
(27 pages)
(27 pages)
Networking Dell TL24iSCSIxSAS User's Guide
(66 pages)
(66 pages)
© 2020, manymanuals.com. All rights reserved. | 3.248 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals