Cisco Cisco Access Registrar 4.2 Specifikace Strana 256
- Strana / 636
- Tabulka s obsahem
- ŘEŠENÍ PROBLÉMŮ
- KNIHY
Hodnocené. / 5. Na základě hodnocení zákazníků
5-72
Cisco Wireless LAN Controller Configuration Guide
OL-13826-01
Chapter 5 Configuring Security Solutions
Configuring IDS
This page shows much of the same information as the Standard Signatures and Custom Signatures pages
but provides these additional details:
• The measurement interval, or the number of seconds that must elapse before the controller resets the
signature threshold counters
• The tracking method used by the access points to perform signature analysis and report the results
to the controller. The possible values are:
–
Per Signature—Signature analysis and pattern matching are tracked and reported on a
per-signature and per-channel basis.
–
Per MAC—Signature analysis and pattern matching are tracked and reported separately for
individual client MAC addresses on a per-channel basis.
–
Per Signature and MAC—Signature analysis and pattern matching are tracked and reported on
a per-signature and per-channel basis as well as on a per-MAC-address and per-channel basis.
• The signature frequency, or the number of matching packets per second that must be identified at
the individual access point level before an attack is detected
• The signature MAC frequency, or the number of matching packets per second that must be identified
per client per access point before an attack is detected
• The quiet time, or the length of time (in seconds) after which no attacks have been detected at the
individual access point level and the alarm can stop
• The pattern that is being used to detect a security attack
Step 5 Check the State check box to enable this signature to detect security attacks or uncheck it to disable this
signature. The default value is enabled (or checked).
Step 6 Click Apply to commit your changes. The Standard Signatures or Custom Signatures page reflects the
signature’s updated state.
Step 7 Click Save Configuration to save your changes.
Using the GUI to View IDS Signature Events
Follow these steps to view signature events using the controller GUI.
Step 1 Click Security > Wireless Protection Policies > Signature Events Summary. The Signature Events
Summary page appears (see Figure 5-41).
Figure 5-41 Signature Events Summary Page
This page shows the number of attacks detected by the enabled signatures.
- Configuration Guide 1
- CONTENTS 3
- Contents 10
- OL-13826-01 10
- Audience 22
- Organization 22
- Conventions 23
- Related Publications 25
- Overview 27
- Chapter 1 Overview 28
- Single-Controller Deployments 29
- Operating System Software 31
- Operating System Security 31
- Operational Requirements 33
- Configuration Requirements 33
- Controller Platforms 34
- Features Not Supported 35
- Cisco 4400 Series Controllers 36
- Cisco UWN Solution WLANs 40
- Identity Networking 40
- File Transfers 42
- Power over Ethernet 42
- Startup Wizard 43
- Rogue Access Points 47
- • Using the CLI, page 2-7 49
- Guidelines for Using the GUI 50
- Opening the GUI 50
- Using the CLI 55
- Logging Out of the CLI 56
- CLI Interfaces 57
- Controller console 61
- Distribution System Ports 62
- Interfaces 63
- Management Interface 64
- AP-Manager Interface 64
- Virtual Interface 65
- Service-Port Interface 66
- Dynamic Interface 66
- Service-Port Interfaces 68
- Configuring Ports 76
- Configuring Port Mirroring 80
- Enabling Link Aggregation 87
- Link Aggregation Guidelines 89
- Step 3 Reboot the controller 92
- Connecting Additional Ports 98
- Before You Start 100
- Configuring 802.11 Bands 106
- Configuring DHCP Proxy 116
- Configuring RADIUS Settings 117
- Configuring SNMP 118
- Enabling System Logging 124
- Enabling 802.3x Flow Control 124
- Configuring 802.3 Bridging 127
- Configuring Multicast Mode 129
- Configuring Client Roaming 134
- Intra-Controller Roaming 135
- Inter-Controller Roaming 135
- Inter-Subnet Roaming 135
- CCX Layer 2 Client Roaming 136
- Call Admission Control 146
- Expedited Bandwidth Requests 147
- Traffic Stream Metrics 148
- Figure 4-19 Clients Page 152
- (see Figure 4-25) 156
- Configuring EDCA Parameters 162
- Configuring RFID Tag Tracking 173
- General WiSM Guidelines 181
- Configuring the Supervisor 182
- Cisco UWN Solution Security 186
- Layer 3 Solutions 187
- Rogue Access Point Solutions 187
- Configuring TACACS+ 188
- Configuring LDAP 203
- Configuring Local EAP 207
- Figure 5-16 Local EAP Example 208
- Configuring DHCP Option 82 220
- Validating SSIDs 221
- Guidelines for Using MFP 234
- Identity Networking Overview 242
- ACL-Name 243
- Interface-Name 243
- VLAN-Tag 244
- Tunnel Attributes 244
- Configuring AAA Override 245
- Configuring IDS 248
- Viewing Shunned Clients 251
- Configuring IDS Signatures 252
- Configuring AES Key Wrap 260
- WLAN Overview, page 6-2 265
- Configuring WLANs, page 6-2 265
- WLAN Overview 266
- Configuring WLANs 266
- Using the GUI to Create WLANs 267
- Using the CLI to Create WLANs 269
- Configuring DHCP 270
- Security Considerations 271
- Configuring DHCP Scopes 273
- Enabling MAC Filtering 276
- Creating a Local MAC Filter 276
- Assigning WLANs to Interfaces 277
- Configuring Layer 2 Security 280
- WPA1 and WPA2 282
- Configuring a Session Timeout 287
- Configuring Layer 3 Security 288
- VPN Passthrough 289
- Web Authentication 289
- Configuring QoS Enhanced BSS 293
- Configuring IPv6 Bridging 296
- Configuring WLAN Override 301
- Creating Access Point Groups 304
- Configuring the RADIUS Server 307
- External Antenna Connectors 316
- Antenna Sectorization 317
- Wireless Mesh 320
- Configuring Mesh Parameters 324
- MESH MESH 331
- MESH MESH MESH 331
- MESHMESH 331
- Figure 7-10 All APs Page 334
- Figure 7-12 All APs Page 340
- Background Scanning Scenarios 344
- Channel 1 = 153 345
- Channel 2 = 161 345
- Routing Around Interference 346
- Authorizing Access Points 349
- Using DHCP Option 43 351
- • Type: 0xf1 (decimal 241) 352
- Lightweight Mode 356
- Local Core Files: 357
- Cisco Workgroup Bridges 359
- Guidelines for Using WGBs 360
- Sample WGB Configuration 362
- Figure 7-24 Clients Page 363
- Configuring Country Codes 367
- -U Regulatory Domain 373
- Guidelines for Migration 374
- Dynamic Frequency Selection 376
- Access Points 377
- Figure 7-30 Inventory Page 378
- Performing a Link Test 379
- Figure 7-32 Clients Page 380
- Figure 7-33 Link Test Page 381
- Configuring Flashing LEDs 384
- Viewing Clients 385
- Using the CLI to View Clients 388
- Configurations 391
- Upgrading Controller Software 392
- Downloading CA Certificates 400
- Uploading PACs 402
- Using the GUI to Upload PACs 403
- Using the CLI to Upload PACs 403
- Uploading Configuration Files 404
- Saving Configurations 408
- Resetting the Controller 409
- Managing User Accounts 411
- Creating Guest User Accounts 412
- Viewing Guest User Accounts 416
- Web Authentication Process 417
- Configuration Overview 434
- Configuration Guidelines 435
- Configuring Radio Resource 443
- Radio Resource Monitoring 444
- Dynamic Channel Assignment 445
- Overview of RF Groups 447
- Configuring an RF Group 448
- Viewing RF Group Status 450
- Figure 10-3 All APs Page 453
- Configuring Dynamic RRM 456
- Table 10-1 RRM Parameters 457
- Overriding Dynamic RRM 466
- Radio Measurement Requests 472
- Location Calibration 472
- Configuring Pico Cell Mode 476
- Overview of Mobility 484
- Overview of Mobility Groups 487
- Configuring Mobility Groups 490
- Prerequisites 491
- Running Mobility Ping Tests 508
- Overview of Hybrid REAP 510
- Hybrid REAP Guidelines 512
- Configuring Hybrid REAP 513
- Figure 12-6) 520
- Safety Considerations and 529
- Translated Safety Warnings 529
- Safety Considerations 530
- Warning Definition 530
- Varoitus 531
- Attention 531
- Avvertenza 531
- Advarsel 531
- ¡Advertencia! 532
- Varning! 532
- Class 1 Laser Product Warning 533
- Produto a laser de classe 1 534
- Klasse 1 laserprodukt 534
- Ground Conductor Warning 535
- Waarschuwing 546
- Controllers 551
- Information 555
- Statement 556
- Canadian Compliance Statement 557
- • Safety: EN 60950 558
- • Radio: EN 301.893 559
- Japanese Translation 560
- English Translation 560
- All Access Points 561
- End User License and Warranty 565
- End User License Agreement 566
- Limited Warranty 568
- Disclaimer of Warranty 570
- Additional Open Source Terms 571
- Troubleshooting 573
- Interpreting LEDs 574
- System Messages 574
- Monitoring Memory Leaks 582
- Diagnostic Channel 584
- Client Reporting 584
- Figure D-3) 591
- Using the Debug Facility 599
- Logical Connectivity Diagrams 605
- Cisco WiSM 606
- Controller Switch 608
- • debug wcp ? 609
- Numerics 611
© 2020, manymanuals.cz. Všechna práva vyhrazena. | 0.141 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentáře k této Příručce