Users Guide

ManualsBrandsDell ManualsAccess PlatformsW-650

471

472

473

474

475

476

477

478

479

480

Dell PowerConnect ArubaOS 5.0 | User Guide Wireless Intrusion Prevention | 47 7

Protect Valid Stations Does not allow valid stations to connect to a non-valid AP (see “Classifying APs” on

page 482).

Default: disabled

Detect Bad WEP Enables or disables detection of WEP initialization vectors that are known to be weak. A

primary means of cracking WEP keys is to capture 802.11 frames over an extended period of

time and searching for such weak implementations that are still used by many legacy

devices.

Default: disabled

Detect Misconfigured AP Enables or disables detection of misconfigured APs. An AP is classified as misconfigured if it

does not meet any of the following configurable parameters:

z Valid channels

z Encryption type

z Short preamble

z List of valid AP MAC OUIs

z Valid SSID list

Default: disabled

Protect Misconfigured AP Enables or disables protection of misconfigured APs.

Default: disabled

Protect SSID Enables or disables use of SSID by only valid APs.

Default: disabled

Privacy Enable or disables encryption as valid AP configuration.

Default: disabled

Require WPA When enabled, any valid AP that is not using WPA encryption is flagged as misconfigured.

Default: disabled

Valid 802.11a channel for policy

enforcement (multi-valued)

List of valid 802.11a channels that third-party APs are allowed to use.

Default: N/A

Valid 802.11g channel for policy

enforcement (multi-valued)

List of valid 802.11g channels that third-party APs are allowed to use.

Default: N/A

Valid MAC OUIs (multi-valued) List of valid MAC organizationally unique identifiers (OUIs).

Valid and Protected SSIDs (multi-

valued)

List of valid and protected SSIDs.

Protect 802.11n High Throughput

Devices

Enables or disables protection of high-throughput (802.11n) devices.

Default: disabled.

Protect 40MHz 802.11n High

Throughput Devices

Enables or disables protection of high-throughput (802.11n) devices operating in 40 MHz

mode.

Default: disabled

Detect Active 802.11n Greenfield

Mode

Enables or disables detection of high-throughput devices advertising greenfield preamble

capability.

Default: enabled

Table 98 IDS Unauthorized Device Profile Configuration Parameters (Continued)

Parameter Description