Reference Guide

Table Of Contents
Dell PowerConnect W-Series ArubaOS 6.1 CLI | Reference Guide ids unauthorized-device-profile | 277
protect-adhoc-network Enables protection from adhoc networks. When
adhoc networks are detected, they are disabled using
a denial of service attack.
false
protect-high-throughput Enables or disables protection of high-throughput
(802.11n) devices.
false
protect-ht-40mhz Enables or disables protection of high-throughput
(802.11n) devices operating in 40 MHz mode.
false
protect-misconfigured-ap Enables protection of misconfigured APs. false
protect-ssid Enables use of SSID by valid APs only. false
protect-valid-sta When enabled (true), does not allow valid stations to
connect to a non-valid AP.
false
protect-windows-bridge Enable/disable protection of a windows station
bridging
disabled
require-wpa When enabled (true), any valid AP that is not using
WPA encryption is flagged as misconfigured.
false
rogue-containment Rogue APs can be detected (see classification) but
are not automatically disabled. This option
automatically shuts down rogue APs. When this
option is enabled (true), clients attempting to
associate to an AP classified as a rogue are
disconnected through a denial of service attack.
false
suspect-rogue-conf-level Confidence level of suspected Rogue AP to trigger
containment.
When an AP is classified as a suspected rogue AP, it
is assigned a 50% confidence level. If multiple APs
trigger the same events that classify the AP as a
suspected rogue, the confidence level increases by
5% up to 95%.
In combination with suspected rogue containment,
this option configures the threshold by which
containment should occur. Suspected rogue
containment occurs only when the configured
confidence level is met.
50-100% 60%
suspect-rogue-containment Suspected rogue APs are treated as interfering APs,
thereby the controller attempts to reclassify them as
rogue APs. Suspected rogue APs are not
automatically contained. In combination with the
configured confidence level (see suspect-rogue-conf-
level), this option contains the suspected rogue APs.
false
unencrypted-valid-client-
quiet-time
Time to wait, in seconds, after detecting an
unencrypted valid client after which the check can be
resumed.
60-360000
seconds
900
seconds
valid-and-protected-ssid List of valid and protected SSIDs.
valid-oui List of valid MAC OUIs.
valid-wired-mac List of MAC addresses of wired devices in the
network, typically gateways or servers.
——
wireless-bridge-quiet-time Time, in seconds, that must elapse after a wireless
bridge alarm has been triggered before another
identical alarm may be triggered.
60-360000 900
seconds
Parameter Description Range Default