Installation guide

ManualsBrandsMotorola ManualsComputer equipmentRFS6000 - Wireless RF Switch

611

612

613

614

615

616

617

618

619

620

D-96 Motorola RF Switch System Reference Guide

• Multiple Detection Technologies - Provides accurate and comprehensive detection by applying multiple

detection technologies including signature analysis, protocol abuse and anomalous behavior in

conjunction with correlation across multiple sensors.

• Location Based Security - Provides location of unauthorized devices and activities using Motorola WLAN

infrastructure.

• Reports - Provides built-in reports for PCI, HIPAA, Sarbanes-Oxley, GLBA, FDIC and DOD, as well as

forensic support to determine compliance level after the fact, should a security event occur.

• Plug-and-Play Operation - Auto-classification allows quick policy-based authorization of APs and devices.

Network traffic can be monitored within minutes of installation, complete with the tools to quickly

interpret information for fast response to Wireless LAN threats.

• Centralized Detection Engine - Eliminates the need to upgrade sensors individually. A single server

upgrade provides new functionality and protection against the latest attacks and new threats.

• Report Builder - Allows customized reports to suit your specific needs.

• Advanced Forensics - Adds a whole new level of depth and flexibility to forensic investigations, allowing

the user to revise the analysis period in and out, to graph data for easier analysis, and to do historical

location tracking.

D.7.6 Configuring a Wireless IDS Deployment

The following sections outline the configuration steps required to enable unauthorized AP detection and

intrusion detection on a switch:

• Unauthorized AP Detection

• Unauthorized AP Containment

• Mobile Unit Intrusion Detection

• SNMP Traps

To view the running configuration on the RFS6000 switch used to create this Wireless IDS tutorial, refer

to RF Switch Running Configuration on page D-108.

D.7.6.1 Requirements

The following requirements must be met prior to attempting this configuration:

• One or more RF Switches are installed and operational on the network

• One or more AP300 Access Ports configured and adopted by the switch

• A Windows XP workstation with a console, telnet or SSH client is available to perform configuration on

the switches

• One or more standalone Access Points are available to verify unauthorized AP detection and

containment.

• One or more wireless workstations are available to test and verify unauthorized AP containment and

intrusion detection.

D.7.6.2 Components

The information in this section is based on the following Motorola hardware and software versions:

• 1 RFS6000 model switch