Dell PowerConnect W-Airwave 7.1 Instrukcja Użytkownika Strona 210
- Strona / 334
- Spis treści
- BOOKMARKI
Oceniono. / 5. Na podstawie oceny klientów
210 | Using RAPIDS and Rogue Classification Dell PowerConnect W AirWave 7.1 | User Guide
Deleting or Editing a Rules
To delete a rule from the RAPIDS rules list, go to the RAPIDS > Rules page. Select the check box next to the
rule you want to delete, and click the Delete button. The rule is automatically deleted from the RAPIDS > Rules
page.
To edit any existing rule, click the pencil
icon next to that rule to launch the RAPIDS Classification Rule page
(see Figure 136). Edit or revise the fields (see Table 107) as necessary then select the Save button.
To change the sequence in which rules apply to any rogue device, drag and drop the rule to
a new position in the
rules sequence.
Recommended RAPIDS Rules
If Any Device Has Your SSID, Then Classify as Rogue
The only devices broadcasting your corporate SSID should be devices that you are aware of and are managed
by AWMS. Rogu
e devices often broadcast your official SSID in an attempt to get access to your users, or to
trick your users into providing their authentication credentials. Devices with your SSID generally pose a severe
threat. This rule helps to discover, flag, and emphasize such a device for prompt response on your part.
If Any Device Has Your SSID and is Not an Ad-Hoc Network Type, Then Classify as Rogue
This rule classifies a device as a rogue when the SSID for a given device is your SSID and is not an Ad-Hoc
dev
ice. Windows XP automatically tries to create an Ad-hoc network if it can not find the SSID for which it is
searching. This means that user’s laptops on your network may appear as Ad-Hoc devices that are
broadcasting your SSID. If this happens too frequently, you can restrict the rule to apply to non-ad-hoc
devices.
If More Than Four APs Have Discovered a Device, Then Classify as Rogue
By default, AWMS tries to use Signal Strength to determine
if a device is on your premises. Hearing device
count is another metric that can be used.
The important concept in this scenario is
that legitimate neighboring devices are only heard by a few APs on
the edge of your network. Devices that are heard by a large number of your APs are likely to be in the heart of
your campus. This rule works best for scenarios in large campuses or that occupy an entire building.
Using RAPIDS Rules with Additional AWMS Functions
Rules that you configure on the RAPIDS > Rules page establish an important way of processing rogue devices on
your network, and flagging them for attention as required. Such devices appear on the following pages in AWMS,
with additional information:
RAPIDS > List—Lists rogue devices as classified by rules.
RAPIDS > Rules—Displays the rules that classify rogue devices.
RAPIDS > Overview—Displays general rogue device count and statistical information.
System > Triggers—Displays triggers that are currently configured, including any triggers that have been
defined for rogue events.
Reports > Definitions—Allows you to run New Rogue Devices Report with custom settings.
VisualRF—Displays physical location information for rogue devices.
Score Override
On RAPIDS > Score Override page you can change the OUI scores that are given to MAC addresses detected
during scans of bridge forwarding tables on routers or switches. Figure 137, Figure 138, and Table 109 illustrate
and describe RAPIDS Score Override. Perform th
ese steps to create a score override.
- Dell PowerConnect W 1
- AirWave 1
- Contents 3
- Document Organization 11
- Contacting Support 12
- Notice Icons 12
- Chapter 1 13
- VisualRF™ 14
- Master Console and Failover 15
- Component Description 16
- Chapter 2 17
- Getting Started 18
- Previous AWMS Installations 19
- Completing the Installation 21
- AWMS Navigation Basics 22
- Status Section 23
- Navigation Section 23
- Activity Section 25
- Help Links in the GUI 26
- Common List Settings 26
- Buttons and Icons 27
- Buttons and 28
- Appearance 28
- Getting Started with AWMS 29
- Chapter 3 31
- Customizing Columns in Lists 33
- Resetting Pagination Records 34
- Using the Pagination Widget 34
- Customized Search 38
- AMP Setup > General page: 39
- Creating AWMS Users 48
- Creating AWMS User Roles 50
- Introduction to Cisco WLSE 66
- Adding an ACS Server for WLSE 67
- Discovering Devices 67
- Managing Devices 67
- Inventory Reporting 68
- Defining Access 68
- Grouping 68
- WDS Participation 68
- Primary or Secondary WDS 68
- Configuring ACS Servers 71
- PCI Requirement Description 75
- Deploying WMS Offload 77
- Chapter 4 79
- AWMS Group Overview 80
- Controllers” on page110 98
- Setting Default Description 101
- Figure 53 Groups 108
- Figure 54 Groups 108
- Priority Order 110
- Web Auth 110
- Comparing Device Groups 120
- Deleting a Group 121
- Modifying Multiple Devices 122
- Action Description 123
- Chapter 5 127
- SNMP/HTTP Scanning 128
- Defining a SNMP/HTTP Scan Set 130
- Running a Scan Set 131
- Column Description 132
- What Next? 133
- Adding Universal Devices 136
- Adding Universal Devices 140
- Monitoring Devices 142
- AMP Alerts 144
- IDS Events 144
- Incidents 144
- Field Description 149
- Graph Description 151
- Auditing Device Configuration 156
- Configuring AP Settings 159
- Message Meaning 161
- Table 90 de 164
- Field Default Description 165
- Chapter 6 175
- Template Variables 176
- Viewing and Adding Templates 177
- Setting Description 178
- Configuring General Templates 181
- Using Template Syntax 183
- Variable Values Meaning 184
- Using AP-Specific Variables 185
- Applying Startup-config Files 186
- WDS Settings in Templates 186
- ip scp server enable 187
- Configuring a Global Template 191
- Group Name, ssid_1 192
- Subscriber 1, Value 0 192
- Chapter 7 195
- Summary Description 197
- Viewing Ignored Rogue Devices 201
- RAPIDS Setup 202
- Containment Options 203
- RAPIDS Rules 204
- Device OUI Score 205
- Rogue Device Threat Level 206
- Option Description 207
- Score Override 210
- Audit Log 212
- Chapter 8 213
- Creating New Triggers 214
- Setting Triggers for Devices 216
- Setting Triggers for Radios 218
- Setting Triggers for Users 221
- User Trigger 221
- Description 221
- RADIUS Trigger 223
- Delivering Triggered Alerts 225
- Viewing Alerts 226
- Responding to Alerts 227
- Overview of the Users Pages 228
- Users > Connected 235
- Users > All 235
- Section Description 236
- Log Description 252
- Upgrading AWMS 256
- Backing Up AWMS 256
- Running Backup on Demand 257
- Restoring from a Backup 257
- AWMS Failover 258
- Chapter 9 261
- Using Daily Reports 264
- Using Custom Reports 265
- Using the IDS Events Report 272
- Using the Inventory Report 273
- Using the New Users Report 280
- Using the Port Usage Report 282
- Using the User Session Report 285
- Figure 202 U 286
- Figure 204 U 287
- Figure 205 U 287
- Defining Reports 289
- Emailing Reports to Smarthost 292
- Chapter 10 295
- Icon Description 298
- Appendix A 303
- Appendix B 305
- Example Network Configuration 306
- AWMS IP Address 307
- Appendix C 309
- System ID: 00409625854D 310
- Initialization: OK 310
- Cisco IOS Dual Radio Template 311
- AWMS Firmware Upgrade Process 312
- Appendix D 315
- Appendix E 317
- Appendix F 319
- Appendix G 321
- Appendix H 323
- Perl-Net-IP: 327
- Berkeley DB 1.85: 327
- SWFObject v. 1.5: 328
Powiązane produkty i podręczniki dla Oprogramowanie Dell PowerConnect W-Airwave 7.1
Oprogramowanie Dell A02 Podręcznik Użytkownika
(38 strony)
(38 strony)
Oprogramowanie Dell Powerconnect W-ClearPass Hardware Appliances Podręcznik Użytkownika
(320 strony)
(320 strony)
Oprogramowanie Dell V1.2 Instrukcja Użytkownika
(224 strony)
(224 strony)
© 2020, manymanuals.pl. Wszelkie prawa zastrzeżone. | 0.075 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentarze do niniejszej Instrukcji