beautypg.com

Managing virtual security domains, Configuring ap categorization rules – H3C Technologies H3C Intelligent Management Center User Manual

Page 459

background image

437

3.

Delete a single sensor or multiple sensors in batches:

{

Select the sensors you want to delete, and click Delete.

{

Click the Operation icon

for the sensor you want to delete, and select Delete from the

menu.

A confirmation dialog box appears.

4.

Click OK.

Managing virtual security domains

You can perform the following configurations to mange virtual security domains:

AP categorization rules

Attack detection policy

Signature policy

Countermeasure policy

Virtual security domain

Configuring AP categorization rules

WIPS classifies detected APs or specifies the threat levels for detected APs according to AP

categorization rules. You can view the types or threat levels of all detected APs on the APs Detected

page.
WIPS uses AP categorization rules to classify detected APs into the following types:

Authorized AP—APs permitted in the WLAN.

External AP—APs in adjacent wireless networks. For example, APs in the WLAN of a nearby
cafe.

Misconfigured AP—APs that can be used in a wireless network but with wrong configurations.
For example, an AP in the permitted device list but with a wrong SSID.

Rogue AP—APs that cannot be used in a wireless network.

None—APs whose category cannot be determined.

An AP categorization rule can include one or more of the following sub rules:

SSID—Matches SSIDs.

Data Security—Matches security methods used by the AP.

Authentication method—Matches authentication methods used by the AP.

RSSI—Matches RSSIs of APs.

Running time of the AP—Matches running duration of APs.

Number of associated clients—Matches number of associated clients of APs.

Number of APs detected by the sensor—Matches number of APs detected by the sensor.

AP threat levels indicate the impact of potential-authorized APs, potential-rogue APs, potential-external
APs, or unrecognized APs to the WLAN. A higher threat level indicates more serious impact to the

WLAN. You can specify a threat level for APs matching an AP categorization rule, in the range of 0

to 100.

See also other documents in the category H3C Technologies Safety: