Configuring an advanced wips policy – Brocade Mobility RFS Controller System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

606

Brocade Mobility RFS Controller System Reference Guide

53-1003099-01

10

25. Refer to Thresholds field to set signature threshold limitations used as filtering criteria.

26. Set a Filter Expiration (from1 - 86,400 seconds) that specifies the duration a client is excluded

from RF Domain manager radio association when responsible for triggering a WIPS event.

27. Refer to the Payload table to set a numerical index pattern and offset for the WIPS signature.

Select + Add Row and provide an Index, Pattern and Offset variable for the payload.

28. Select OK to save the updates to the WIPS Signature configuration. Select Reset to revert to

the last saved configuration.

Configuring an Advanced WIPS Policy

Intrusion Prevention

Define an advanced WIPS configuration to optionally remove (terminate) unwanted device
connections, and sanction (allow) or unsanaction (disallow) specific events within the network.

1. Select Configuration > Security > Intrusion Prevention.

2. Expand the Intrusion Prevention option within the Configuration > Security menu and select

Advanced WIPS.

NOTE

Advanced WIPS Policy is only supported on wireless controllers and requires a dedicated WIPS
sensor, but not a sensor license. Standard WIPS is available on all RF Domain managers and
supports on channel, off channel and dedicated sensor scanning.

Client Threshold

Specify the threshold limit per client that, when exceeded, signals the event. The configurable range is
from 1 - 65,535.

Radio Threshold

Specify the threshold limit per radio that, when exceeded, signals the event. The configurable range is
from 1 - 65,535.