Installation guide
Wireless Intrusion Detection Violations
As shown in the table above, the RF Switch can detect numerous violations, each with a configurable threshold
for monitoring the specific violation on an MU, radio and switch. Each threshold defines the number of
violations that must occur within a globally configured detection window before an alarm is generated and
mitigation is performed.
In addition to a configurable threshold, each violation can also be configured with a specific time-to-filter
value, which determines how long an MU will be blacklisted when a threshold is reached. This allows the RF
Switch to perform automatic mitigation against violations without manual intervention from network
administrators.
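The following added example (not code from this guide or from the RF Switch firmware) models how a per-violation threshold, the global detection window and a time-to-filter value interact for a single MU. It assumes a sliding window and models the MU scope only; the class name, rule values and MAC address are constructed for illustration.

```python
from collections import defaultdict, deque

class WidsModel:
    """Toy model: per-violation threshold, global window, time-to-filter."""

    def __init__(self, detection_window, rules):
        self.window = detection_window      # seconds, shared by all violations
        self.rules = rules                  # violation -> (threshold, time_to_filter)
        self.events = defaultdict(deque)    # (mu, violation) -> timestamps
        self.blacklist = {}                 # mu -> time the filter expires

    def is_blacklisted(self, mu, now):
        expiry = self.blacklist.get(mu)
        if expiry is not None and now >= expiry:
            del self.blacklist[mu]          # time-to-filter has elapsed
            return False
        return expiry is not None

    def observe(self, mu, violation, now):
        """Record one violation; return 'filtered', 'alarm' or 'ok'."""
        if self.is_blacklisted(mu, now):
            return "filtered"               # MU is still being filtered
        threshold, time_to_filter = self.rules[violation]
        q = self.events[(mu, violation)]
        q.append(now)
        while q[0] <= now - self.window:    # age out events older than the window
            q.popleft()
        if len(q) >= threshold:             # threshold reached inside the window
            q.clear()
            self.blacklist[mu] = now + time_to_filter
            return "alarm"
        return "ok"

def replay(model, events):
    """Feed (time, mu, violation) tuples to the model and collect the outcomes."""
    return [model.observe(mu, v, t) for t, mu, v in events]

# Constructed sample values: thresholds, filter times and the MU address are not
# defaults taken from the guide.
RULES = {"Excessive Probes": (3, 60), "Excessive EAP Start Frames": (2, 120)}
MU = "00:00:5E:00:53:01"
SAMPLE = [(t, MU, "Excessive Probes") for t in (0, 4, 20, 22, 25, 30, 90)]

if __name__ == "__main__":
    for event, outcome in zip(SAMPLE, replay(WidsModel(10, RULES), SAMPLE)):
        print(event[0], outcome)
```

With a 10-second window, the events at 0 and 4 seconds age out before the third arrives, so the alarm fires only at 25 seconds and the MU stays filtered until 85 seconds.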
D.7.4 Applications
Integrated WIDS security features are intended for small, medium and large customer deployments that
require basic rogue AP detection, rogue AP containment and wireless intrusion detection. The integrated
security features can be deployed in any enterprise environment and industry vertical to provide detection
and mitigation from potential threats.
D.7.5 Restrictions
The integrated security features provide basic protection against unauthorized APs and wireless threats.
Additional protection can be provided by deploying the Motorola AirDefense Enterprise solution, which is an
industry-leading Wireless IPS system that seamlessly integrates with Motorola RF Switches and Access
Points.
With built-in forensic support and industry standard reports for PCI, HIPAA, Sarbanes-Oxley, GLBA, FDIC and
DOD, Motorola's Wireless Intrusion Protection System (WIPS) provides powerful tools for standards
compliance, as well as around-the-clock 802.11a/b/g wireless network security in a distributed environment.
It allows administrators to identify and accurately locate attacks, rogue devices, and network vulnerabilities
in real time and permits both wired and wireless lockdown of wireless device connections.
The Motorola AirDefense System provides the following advanced features:
• 24x7 Dedicated Sensors - Real-time identification of hackers, attacks and system weak spots.
• Historical Database - By storing and managing more than 270 data points per connection per wireless
device per minute, the product provides a highly accurate assessment of wireless threats including
anomalies and zero-day attacks. Allows viewing of events months later to improve network security
posture and assist in forensic investigations.
• Forensic Support - Pertinent historical data supports advanced forensics such as time of attack/breach,
entry point used, length of exposure, systems compromised, device activity logs and transfers of data.
Excessive EAP Start Frames     | Frames with Non-Changing WEP IV
Null Destination               | Detect Adhoc Networks
Same Source / Destination MAC  | De-Authentication from Broadcast Source MAC
Source Multicast MAC           | Invalid Sequence Number
Excessive Probes               | TKIP Countermeasures