Configuring wlan security, Wlan security overview, Terminology – H3C Technologies H3C WX3000E Series Wireless Switches User Manual
Configuring WLAN security
WLAN security overview
802.11 networks are susceptible to a wide array of threats such as unauthorized access points and clients,
ad hoc networks, and Denial of Service (DoS) attacks. Rogue devices are a serious threat to enterprise
security. To ensure security, the wireless intrusion detection system (WIDS) is introduced. WIDS provides
early detection of malicious attacks and intrusions on a wireless network without affecting network
performance, and provides real-time countermeasures.
WLAN security provides these features:
• Rogue detection
• WIDS attack detection
• Blacklist and whitelist
Terminology
• Rogue AP—An unauthorized or malicious access point on the network, such as an employee-installed AP, a misconfigured AP, a neighbor AP, or an attacker-operated AP. Because it is not authorized, any vulnerability in the AP gives an attacker a chance to compromise your network security.
• Rogue client—An unauthorized or malicious client on the network.
• Rogue wireless bridge—An unauthorized wireless bridge on the network.
• Monitor AP—An AP that scans or listens to 802.11 frames to detect rogue devices in the network.
• Ad hoc mode—A wireless client in ad hoc mode can communicate directly with other stations without support from any other device.
Detecting rogue devices
Rogue detection is applicable to large wireless networks. It detects the presence of rogue devices in a
WLAN network based on the pre-configured rules.
Rogue detection can detect different types of devices in a WLAN network, for example, rogue APs, rogue
clients, rogue wireless bridges, and ad-hoc terminals. An AP can work in either of the following modes
for rogue detection:
• Monitor mode—An AP scans all 802.11g frames in the WLAN, but cannot provide WLAN services. As shown in the figure, AP 1 works as an access AP, and AP 2 works as a monitor AP to listen to all 802.11g frames. AP 2 cannot provide wireless access services.