Manualshelf

User Manual Part 6

ManualsBrandsMojo Networks ManualsElectronicsSpectraGuard Access Point / Sensor
11121314151617181920
Administration Tab
SpectraGuard® Enterprise User Guide
281
Special Handling for Smart Devices
Non-authorized Associations: Non-authorized and Banned Clients that connect to Authorized APs; an attacker can
gain access to your network through Authorized APs if the security mechanisms are weak. Non-authorized or
Uncategorized Client connections to an Authorized AP using a Guest SSID are not treated as unauthorized
associations.
Associations to Guest APs: External and Uncategorized Clients that connect to Guest APs are classified as Guest
Clients. The Clients connected to a wired network or a MisConfigured AP can be specified as exceptions to this
policy.
Ad hoc Connections: Peer-to-peer connections between Clients; corporate data on the Authorized Client is under
threat if it is involved in an ad hoc connection.
MAC Spoofing: An AP that spoofs the wireless MAC address of an Authorized AP; an attacker can launch an
attack through a MAC spoofing AP.
Honeypot/Evil Twin APs: Neighboring APs that have the same SSID as an Authorized AP; Authorized Clients can
connect to Honeypot/Evil Twin APs. Corporate data on these Authorized Clients is under threat due to such
connections.
Denial of Service (DoS) Attacks: DoS attacks degrade the performance of an official WLAN.
WEPGuard
TM
: Active WEP cracking tools allow attackers to crack the WEP key and gain access to confidential
data in a matter of minutes or even seconds. Compromised WEP keys are used to gain entry into the authorized
WLAN by spoofing the MAC address of an inactive Authorized Client.
Client Bridging/ICS: A Client with packet forwarding enabled between wired and wireless interfaces. An
authorized Client bridging and unauthorized/uncategorized bridging Client connected to enterprise subnet is a
serious security threat.
Intrusion Prevention Level
The system can prevent any unwanted communication in your 802.11 network. It provides you various levels of
prevention-blocking mechanisms of varying effectiveness. Intrusion Prevention Level enables you to specify a trade-
off between the desired level of prevention and the desired number of multiple simultaneous preventions across
radio channels.
The greater the number of channels across which simultaneous prevention is desired, the lesser is the effectiveness of
prevention in inhibiting unwanted communication. Scanning for new devices continues regardless of the chosen
prevention level.