Manualshelf

User Guide

ManualsBrandsAlcatel-Lucent ManualsOtherOMNIACCESS
191192193194195196197198199200
Intrusion Detection 163
CHAPTER 13
Intrusion Detection
This document outlines the steps needed to configure the various
IDS capabilities present in an Alcatel network. Like most other
security related configuration on the Alcatel system, the IDS
configuration is completely done on the Master switch in the
network.
The Alcatel solution offers a variety of IDS/IPS features that can
be configured and deployed as required. The following are the
important IDS/IPS features provided in the Alcatel solution:
Rogue/Interfering AP Detection
The most important IDS functionality offered in the Alcatel
solution is the ability to detect an interfering/rogue AP and
classify it as an interfering or a rogue AP. An interfering AP is an
Access Point that the Alcatel Access points/Air Monitors
detected in the air. A rogue AP is an Access Point that is detected
as interfering AND is connected to the network on the wired side.
An Access Point that is connected to the network is the one that
presents a security threat while an AP that is not part of the
network only contributes to the interference in the air. The
administrator can enable rogue AP containment. If this feature is
enabled, the APs that are detected as rogue
NOTEInterfering APs are contained by disallowing clients from
associating to this AP. Refer to the “Configuring Rogue AP
Detection” on page 166 section for more details on how to con-
figure Rogue AP detection/classification/containment.