Specifications
OmniAccess Reference: AOS-W System Reference
320 Part 031652-00 May 2005
Wireless LAN Policies
Ad-hoc Network Protection
As far as network administrators are concerned, ad-hoc wireless networks are
uncontrolled. If they do not use encryption, they may expose sensitive data to
outside eavesdroppers. If a device is connected to a wired network and has
bridging enabled, an ad-hoc network may also function like a rogue AP.
Additionally, ad-hoc networks can expose client devices to viruses and other
security vulnerabilities. For these reasons, many administrators choose to
prohibit ad-hoc networks. The Alcatel system can perform both ad-hoc
network detection and also disable ad-hoc networks when they are found. To
configure ad-hoc network protection, navigate to
Configuration > Wireless LAN
Intrusion Detection > Policies > Adhoc Network
, as shown in the figure below.
FIGURE 15-12 Ad-Hoc Network Protection
Configuration parameters are:
Enable Adhoc Network Activity Detection – Enable detection of Ad-hoc
networks.
Enable Adhoc Network Protection – When Ad-hoc networks are detected,
they will be disabled using a denial of service attack.
Adhoc Detection Quiet Time - After an alarm has been triggered, the amount
of time that must pass before another identical alarm may be triggered.
The equivalent CLI configuration for the above example is:
wms
ids-policy adhoc-check enable
ap-policy protect-ibss enable
ids-policy adhoc-quiet-time 900