beautypg.com

H3C Technologies H3C Intelligent Management Center User Manual

Page 16

background image

xi

23 Managing wireless network security

··············································································································· 397 

IDS feature overview ···················································································································································· 397

 

IDS on Comware-based ACs ····························································································································· 397

 

IDS on MSM series ACs ····································································································································· 397

 

Accessing the WIDS Config page ····························································································································· 398

 

Querying ACs on the WIDS Config page ················································································································ 399

 

Enabling/Disabling IDS for MSM series ACs ··········································································································· 399

 

Enabling/disabling fit APs to detect rogue APs ········································································································ 400

 

Exporting authorized APs ············································································································································ 402

 

Importing authorized APs ············································································································································ 402

 

Configuring WIDS detection rules for Comware-based ACs ·················································································· 403

 

Maintaining the permitted-OUI list of an AC ···································································································· 404

 

Maintaining the permitted-SSID list of an AC ··································································································· 404

 

Maintaining the permitted-MAC address list of an AC ··················································································· 405

 

Maintaining the MAC-to-attack list of an AC ··································································································· 405

 

Managing rogue APs ·················································································································································· 405

 

Displaying the rogue AP list ······························································································································· 406

 

Querying rogue APs············································································································································ 406

 

Viewing detailed information about a Comware-based rogue AP ································································ 407

 

Adding Comware-based rogue APs to the MAC-to-attack list ········································································ 408

 

Removing Comware-based rogue APs from the MAC-to-attack list ······························································· 409

 

Adding Comware-based rogue APs to the permitted-MAC address list ······················································· 410

 

Locating a rogue AP ············································································································································ 410

 

Viewing detailed information about an MSM series rogue AP ······································································ 411

 

Manually authorizing an MSM series rogue AP ······························································································ 412

 

Managing rogue clients ·············································································································································· 412

 

Displaying the rogue client list ··························································································································· 412

 

Querying rogue clients ······································································································································· 413

 

Viewing detailed information about a rogue client ························································································· 414

 

Adding rogue clients to the MAC-to-attack list ································································································· 416

 

Removing rogue clients from the MAC-to-attack list························································································· 416

 

Adding rogue clients to the permitted-MAC address list ················································································· 417

 

Locating a rogue client ······································································································································· 417

 

24 Configuring WLAN IPS

····································································································································· 419 

Overview ······································································································································································· 419

 

Terminology ·································································································································································· 419

 

WIPS networking ·························································································································································· 420

 

Basic WIPS configurations ·········································································································································· 421

 

Accessing the WIPS Management page ·········································································································· 421

 

Enabling WIPS ····················································································································································· 421

 

Configuring time parameters ····························································································································· 421

 

Configuring the permitted channel list ·············································································································· 422

 

Configuring the static trusted address list ········································································································· 422

 

Configuring the alarm-ignored address list ······································································································ 424

 

Configuring the static blocked address list ······································································································· 426

 

Configuring the static countermeasures address list ························································································ 429

 

Configuring the static trusted OUI list ··············································································································· 431

 

Configuring the function set ······························································································································· 432

 

Configuring sensors ····················································································································································· 433

 

Viewing the sensor list ········································································································································ 433

 

Synchronizing the sensor list ······························································································································ 434

 

Querying sensors ················································································································································· 435

 

Adding a sensor ·················································································································································· 435

 

Binding sensors to a virtual security domain ···································································································· 436

 

See also other documents in the category H3C Technologies Safety: