WLAN security configuration, WLAN security overview, Terminology – H3C Technologies H3C WX3000E Series Wireless Switches User Manual
WLAN security configuration
WLAN security overview
802.11 networks are susceptible to a wide array of threats such as unauthorized access points and clients,
ad hoc networks, and Denial of Service (DoS) attacks. Rogue devices are a serious threat to enterprise
security. To ensure security, the wireless intrusion detection system (WIDS) is introduced. WIDS provides
early detection of malicious attacks and intrusions on a wireless network without affecting network
performance, and provides real-time countermeasures.
WLAN security provides these features:
• Rogue detection
• WIDS attack detection
• Blacklist and white list
Terminology
• Rogue AP—An unauthorized or malicious access point on the network, such as an employee-installed AP, a misconfigured AP, a neighbor AP, or an attacker-operated AP. Because it is not authorized, any vulnerability in the AP gives an attacker a chance to compromise your network security.
• Rogue client—An unauthorized or malicious client on the network.
• Rogue wireless bridge—An unauthorized wireless bridge on the network.
• Monitor AP—An AP that scans or listens to 802.11 frames to detect rogue devices in the network.
• Ad hoc mode—A wireless client in ad hoc mode can communicate directly with other stations without support from any other device.
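Added example (not from the H3C manual): Python code showing how the frames a monitor AP listens to can be sorted into the device types defined above, using the 802.11 frame-control type, the To DS/From DS bits, and the beacon capability field. The allow-lists, all addresses, and the policy of always reporting ad hoc stations are assumptions of this example.

```python
import struct

# Assumed allow-lists with constructed addresses; a real WIDS takes these from its configured rules.
PERMITTED_APS = {"00:11:22:33:44:01"}
PERMITTED_CLIENTS = {"00:11:22:33:44:aa"}

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def verdict(addr, permitted):
    return "permitted" if addr in permitted else "rogue"

def classify(frame):
    """Return (device type, MAC, verdict) for one raw 802.11 frame, or None."""
    if len(frame) < 24:                                    # shorter than a 3-address MAC header
        return None
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    to_ds, from_ds = bool(frame[1] & 0x01), bool(frame[1] & 0x02)
    addr2, addr3 = mac(frame[10:16]), mac(frame[16:22])   # transmitter, BSSID (in beacons)
    if ftype == 0 and subtype == 8 and len(frame) >= 36:   # management frame: beacon
        (cap,) = struct.unpack_from("<H", frame, 34)       # capability field after timestamp+interval
        if cap & 0x0002:                                   # IBSS bit: ad hoc network
            return ("ad hoc terminal", addr2, "rogue")     # assumed policy: ad hoc is always reported
        if cap & 0x0001:                                   # ESS bit: infrastructure AP
            return ("AP", addr3, verdict(addr3, PERMITTED_APS))
    elif ftype == 2:                                       # data frame
        if to_ds and from_ds:                              # 4-address frame: bridge link
            return ("wireless bridge", addr2, verdict(addr2, PERMITTED_APS))
        if to_ds:                                          # station sending to its AP
            return ("client", addr2, verdict(addr2, PERMITTED_CLIENTS))
        if from_ds:                                        # AP sending to a station
            return ("AP", addr2, verdict(addr2, PERMITTED_APS))
        return ("ad hoc terminal", addr2, "rogue")         # no DS bits: station to station
    return None

def build(fc0, flags, a1, a2, a3, body=b""):  # constructed frame: FC, duration, 3 addrs, seq ctl
    raw = lambda m: bytes.fromhex(m.replace(":", ""))
    return bytes([fc0, flags, 0, 0]) + raw(a1) + raw(a2) + raw(a3) + b"\x00\x00" + body

BCAST = "ff:ff:ff:ff:ff:ff"
beacon = lambda bssid, cap: build(0x80, 0, BCAST, bssid, bssid, bytes(8) + struct.pack("<HH", 100, cap))
SAMPLES = [  # constructed frames, not captures
    beacon("00:11:22:33:44:01", 0x0001),                                      # permitted AP
    beacon("02:aa:bb:cc:dd:01", 0x0001),                                      # unknown AP
    beacon("02:aa:bb:cc:dd:02", 0x0002),                                      # ad hoc beacon
    build(0x08, 0x01, "00:11:22:33:44:01", "02:aa:bb:cc:dd:03", BCAST),       # unknown client
    build(0x08, 0x03, "02:aa:bb:cc:dd:05", "02:aa:bb:cc:dd:04", BCAST, bytes(6)),  # bridge link
]

if __name__ == "__main__":
    for f in SAMPLES: print(classify(f))
```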
Detecting rogue devices
Rogue detection is applicable to large wireless networks. It detects the presence of rogue devices in a
WLAN network based on the pre-configured rules.
Rogue detection can detect different types of devices in a WLAN network, for example, rogue APs, rogue
clients, rogue wireless bridges, and ad-hoc terminals. An AP can work in either of the following modes
for rogue detection:
• Monitor mode: In this mode, an AP scans all 802.11g frames in the WLAN, but cannot provide WLAN services. As shown in the figure, AP 1 works as an access AP, and AP 2 works as a monitor AP to listen to all 802.11g frames. AP 2 cannot provide wireless access services.