User's Manual
Wireless Array
Configuring the Wireless Array 335
The Array provides a suite of intrusion detection and prevention options to
improve network security. You can separately enable detection of the following
types of problems:
Rogue Access Point Detection and Blocking
    Unknown APs are detected, and may be automatically blocked based on
    a number of criteria. See “About Blocking Rogue APs” on page 337.

Denial of Service (DoS) or Availability Attack Detection
    A DoS attack attempts to flood an Array with communications requests
    so that it cannot respond to legitimate traffic, or responds so slowly that it
    becomes effectively unavailable. The Array can detect a number of types
    of DoS attacks, as described in the table below. When an attack is
    detected, the Array logs a Syslog message at the Alert level.

Impersonation Detection
    These malicious attacks use various techniques to impersonate a
    legitimate AP or station, often in order to eavesdrop on wireless
    communications. The Array detects a number of types of impersonation
    attacks, as described in the table below. When an attack is detected, the
    Array logs a Syslog message at the Alert level.

Type of Attack         Description
---------------------  ---------------------------------------------------------
DoS Attacks
Beacon Flood           Generating thousands of counterfeit 802.11 beacons to
                       make it hard for stations to find a legitimate AP.
Probe Request Flood    Generating thousands of counterfeit 802.11 probe requests
                       to overburden the Array.
Authentication Flood   Sending forged Authenticates from random MAC
                       addresses to fill the Array's association table.
Association Flood      Sending forged Associates from random MAC addresses
                       to fill the Array's association table.
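
The sketch below is an added example, not the Array's own detection code. It shows one way the four DoS floods in the table can be told apart from normal traffic: beacon and probe request floods by frame rate, authentication and association floods by the number of distinct source MACs, with a Syslog line at the Alert level. The window, the limits, the syslog facility, the "ids" tag and the sample frames are all assumptions.

```python
from collections import defaultdict, deque

# IEEE 802.11 management frame subtypes mapped to the table's attack names.
SUBTYPES = {0: "Association Flood", 4: "Probe Request Flood",
            8: "Beacon Flood", 11: "Authentication Flood"}
WINDOW_S = 1.0  # assumed sliding window, seconds
# Assumed limits (not the Array's): frames per window for beacon/probe floods,
# distinct source MACs per window for authentication/association floods.
FRAME_LIMIT = {"Beacon Flood": 1000, "Probe Request Flood": 1000}
MAC_LIMIT = {"Authentication Flood": 200, "Association Flood": 200}
SYSLOG_PRI = 16 * 8 + 1  # facility local0 (assumed) * 8 + severity 1 (Alert)


class FloodDetector:
    def __init__(self):
        self.window = defaultdict(deque)  # attack name -> (timestamp, src MAC)
        self.alerting = set()             # floods already reported

    def observe(self, ts, subtype, src_mac):
        """Feed one frame (in time order); return a syslog line when a flood starts."""
        name = SUBTYPES.get(subtype)
        if name is None:
            return None
        q = self.window[name]
        q.append((ts, src_mac))
        while ts - q[0][0] > WINDOW_S:    # drop frames older than the window
            q.popleft()
        if name in FRAME_LIMIT:
            value, limit = len(q), FRAME_LIMIT[name]
        else:
            value, limit = len({mac for _, mac in q}), MAC_LIMIT[name]
        if value <= limit:
            self.alerting.discard(name)   # flood over; allow a later re-alert
            return None
        if name in self.alerting:
            return None                   # one alert per flood, not per frame
        self.alerting.add(name)
        return f"<{SYSLOG_PRI}>ids: {name} detected ({value} in {WINDOW_S}s)"


def run(frames):
    det = FloodDetector()
    return [msg for f in sorted(frames) if (msg := det.observe(*f))]


def sample_frames():
    """Constructed capture: normal beacons plus 300 forged Authenticates."""
    beacons = [(i * 0.1024, 8, "00:11:22:33:44:55") for i in range(20)]
    auths = [(0.5 + i * 0.001, 11, f"02:00:00:00:{i >> 8:02x}:{i & 255:02x}")
             for i in range(300)]
    return beacons + auths
```

Counting distinct source MACs rather than raw frames keeps a single station that retries authentication many times from being reported as an authentication flood.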