Concept Guide

ManualsBrandsDell ManualsAccess PlatformsW-Series 228 Access Points

141

142

143

144

145

146

147

148

149

150

150 | ids Dell Networking W-Series Instant 6.4.3.1-4.2.0.0 | CLI Reference Guide

Parameter Description Range Default

wireless-containment

<type>

Enable wireless containment including

Tarpit Shielding.

Tarpit shielding works by steering a

client to a tarpit so that the client

associates with it instead of the AP that

is being contained.

l deauth-only— Enables Containment

using deauthentication only .

l none— Disables wireless

containment.

l tarpit-all-sta—Enables wireless

containment by tarpit of all stations.

l tarpit-non-valid-sta— Enables

wireless containment by tarpit of

non-valid clients

deauth-only,

none, tarpit-

all-sta, tarpit-

non-valid-sta

deauth-only

no…

Removes configuration settings for

parameters under the ids command.

— —

no ids

Removes IDSconfiguration. — —

Usage Guidelines

Use this command to configure Intrusion Detection System (IDS) detection and protection policies. The IDS

feature monitors the network for the presence of unauthorized W-IAPs and clients and enables you to detect

rogue APs, interfering APs, and other devices that can potentially disrupt network operations. It also logs

information about the unauthorized W-IAPs and clients, and generates reports based on the logged

information.

Wireless Intrusion Protection (WIP) offers a wide selection of intrusion detection and protection features to

protect the network against wireless threats. Like most other security-related features of the Dell network, the

WIP can be configured on the W-IAP.

You can configure the following policies:

l Infrastructure Detection Policies— Specifies the policy for detecting wireless attacks on access points

l Client Detection Policies— Specifies the policy for detecting wireless attacks on clients

l Infrastructure Protection Policies— Specifies the policy for protecting access points from wireless attacks.

l Client Protection Policies— Specifies the policy for protecting clients from wireless attacks.

l Containment Methods— Prevents unauthorized stations from connecting to your Instant network.

Each of these options contains several default levels that enable different sets of policies. An administrator can

customize enable or disable these options accordingly. The following levels of detection can be configured:

l Off

l Low

l Medium

l High