
Configuring firewalls and access control lists – Brocade Mobility RFS7000-GR Controller System Reference Guide (Supporting software release 4.1.0.0-040GR and later) User Manual


53-1001944-01


3. Select a detected MU and click the Delete button to remove it from the list of MUs you are tracking as potential threats within the switch managed network.

4. Click on the Export button to export the contents of the table to a Comma Separated Values (CSV) file.

Configuring firewalls and access control lists

An Access Control List (ACL) is a sequential collection of permit and deny conditions that apply to
switch packets. When a packet is received on an interface, the switch compares the fields in the
packet against any applied ACLs to verify the packet has the required permissions to be forwarded,
based on the criteria specified in the access lists.

NOTE

If a packet does not meet any of the criteria specified in the ACL, the packet is dropped.
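
The following is an added example, not taken from the Brocade guide and not written in the controller's own ACL syntax. It models the behaviour described above (rules checked in sequence, packet dropped when nothing matches) and adds a check for rules that an earlier rule makes unreachable. First-match evaluation, the names Rule, evaluate, covers and shadowed_rules, and all addresses are assumptions made for the illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

net = ipaddress.ip_network

@dataclass(frozen=True)
class Rule:                      # hypothetical model, not controller syntax
    action: str                  # "permit" or "deny"
    src: str                     # source network, CIDR
    dst: str                     # destination network, CIDR
    proto: Optional[str] = None  # None matches any protocol
    dport: Optional[int] = None  # None matches any destination port

    def matches(self, pkt: dict) -> bool:
        return (ipaddress.ip_address(pkt["src"]) in net(self.src)
                and ipaddress.ip_address(pkt["dst"]) in net(self.dst)
                and self.proto in (None, pkt["proto"])
                and self.dport in (None, pkt.get("dport")))

def evaluate(acl, pkt):
    """Walk the rules in order (assumed first-match); no match means drop."""
    for index, rule in enumerate(acl):
        if rule.matches(pkt):
            return rule.action, index
    return "deny", None          # packet met none of the criteria

def covers(a: Rule, b: Rule) -> bool:
    """True when every packet that matches b also matches a."""
    return (net(b.src).subnet_of(net(a.src))
            and net(b.dst).subnet_of(net(a.dst))
            and a.proto in (None, b.proto)
            and a.dport in (None, b.dport))

def shadowed_rules(acl):
    """(later, earlier) index pairs where the later rule can never be reached."""
    return [(j, i) for j, later in enumerate(acl)
            for i, earlier in enumerate(acl[:j]) if covers(earlier, later)]

# Constructed sample ACL; all addresses are illustrative.
ACL = [
    Rule("permit", "10.1.0.0/16", "10.9.0.0/24", "tcp", 443),
    Rule("deny",   "10.1.0.0/16", "0.0.0.0/0"),
    Rule("permit", "10.1.5.0/24", "10.9.1.10/32", "tcp", 22),  # shadowed by rule 1
]

if __name__ == "__main__":
    ssh = {"src": "10.1.5.7", "dst": "10.9.1.10", "proto": "tcp", "dport": 22}
    print(evaluate(ACL, ssh))    # the earlier deny wins over the later permit
    print(shadowed_rules(ACL))
```

Running a shadow check like this before applying a rule set catches permit entries that were appended below a broader deny and therefore never take effect.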

Violation Type

Displays the reason the violation occurred for each detected MU. Use the Violation
Type to discern whether the detected MU is truly a threat on the switch managed
network (and must be removed) or can be interpreted as a non-threat. The
following violation types are possible:

- Excessive Probes
- Excessive Association
- Excessive Disassociation
- Excessive Authentication failure
- Excessive Crypto replays
- Excessive 802.11 replays
- Excessive Decryption failures
- Excessive Unassociated Frames
- Excessive EAP Start Frames
- Null destination
- Same source/destination MAC
- Source multicast MAC
- Weak WEP IV
- TKIP Countermeasures
- Invalid Frame Length
- Excessive EAP-NAKS
- Invalid 802.1x frames
- Invalid Frame Type
- Beacon with broadcast ESSID
- Frames with known bad ESSIDs
- Unencrypted traffic
- Frames with non-changing WEP IV
- Detect Adhoc Networks
- De-auth from broadcast smac
- Invalid Sequence Number

NOTE: The following violation types require the Access Port be in scan mode:

- Beacon with broadcast ESSID
- Frames with known bad ESSIDs

Time Remaining

Displays the time remaining before the next filter activity. Detected MUs are
removed from the filtered list when they no longer violate the thresholds defined
within the Configuration tab.