Reference Guide

ManualsBrandsDell ManualsAccess PlatformsW-3400

271

272

273

274

275

276

277

278

279

280

276 | ids unauthorized-device-profile Dell PowerConnect W-Series ArubaOS 6.1 CLI | Reference Guide

clone Name of an existing IDS rate thresholds profile from

which parameter values are copied.

——

detect-adhoc-network Enable detection of adhoc networks. — false

detect-adhoc-using-valid-

ssid

Enable/disable detection of adhoc networks using

valid/protected SSIDs

— enable

detect-bad-wep Enables detection of WEP initialization vectors that

are known to be weak and/or repeating. A primary

means of cracking WEP keys is to capture 802.11

frames over an extended period of time and search for

implementations that are still used by many legacy

devices.

— false

detect-ht-greenfield Enables or disables detection of high-throughput

devices advertising greenfield preamble capability.

— false

detect-invalid-mac-oui Enables checking of the first three bytes of a MAC

address, known as the organizationally unique

identifier (OUI), assigned by the IEEE to known

manufacturers. Often clients using a spoofed MAC

address do not use a valid OUI and instead use a

randomly generated MAC address. Enabling MAC OUI

checking causes an alarm to be triggered if an

unrecognized MAC address is in use.

— false

detect-misconfigured-ap Enables detection of misconfigured APs. An AP is

classified as misconfigured if it is classified as valid

and does not meet any of the following configurable

parameters:

- valid channels

- encryption type

- list of valid AP MAC OUIs

- valid SSID list

— false

detect-sta-assoc-to-rogue Enable/disable detection of station association to

rogue AP.

enable

detect-unencrypted-valid-

client

Enable/disable detection of unencrypted valid clients. — enable

detect-valid-client-

misassociation

Enable/disable detection of misassociation between a

valid client and an unsafe AP

— enable

detect-valid-ssid-misuse Enable/disable detection of Interfering or Neighbor

APs using valid/protected SSIDs

— disable

detect-windows-bridge Enables detection of Windows station bridging. — true

detect-wireless-bridge Enables detection of wireless bridging. — false

mac-oui-quiet-time Time, in seconds, that must elapse after an invalid

MAC OUI alarm has been triggered before another

identical alarm may be triggered.

60-360000

seconds

900

seconds

no Negates any configured parameter. — —

oui-classification Enable/disable OUI based rogue AP classification — enable

overlay-classification Enable/disable overlay rogue AP classification — enable

privacy Enables encryption as a valid AP configuration. — false

prop-wm-classification Enable/disable rogue AP classification through

propagated wired MACs

— true

Parameter Description Range Default