Dell PowerConnect W-Airwave 7.2 Instrukcja Użytkownika Strona 165
- Strona / 282
- Spis treści
- BOOKMARKI
Oceniono. / 5. Na podstawie oceny klientów
Dell PowerConnect W AirWave 7.2 | User Guide Using RAPIDS and Rogue Classification | 165
Chapter 7
Using RAPIDS and Rogue Classification
This chapter provides an overview to rogue device and IDS event detection, alerting, and analysis using RAPIDS,
and contains the following sections:
“Introduction to RAPIDS” on page165
“Viewing Rogues on the RAPIDS > List Page” on page 174
“Setting Up RAPIDS” on page 167
“Defining RAPIDS Rules” on page 169
“Score Override” on page 177
“Audit Log” on page 178
“Additional Security Resources” on page 179
Introduction to RAPIDS
Rogue device detection is a core component of wireless security. With RAPIDS rules engine and containment
options, you can create a detailed definition of what constitutes a rogue device, and quickly act on a rogue AP for
investigation, restrictive action, or both. Once rogue devices are discovered, RAPIDS alerts your security team of
the possible threat and provides essential information needed to locate and manage the threat.
RAPIDS discovers unauthorized devices in your WLAN network in the following ways:
Over the Air
Using your existing enterprise APs
Optional AirWave Management Client (AMC)
On the Wire
Polling routers and switches to identify, classify, and locate unknown APs
Using HTTP and SNMP scanning
Using the controller’s wired discovery information
Furthermore, RAPIDS integrates with external intrusion detection systems (IDS), as follows:
Dell WIP—ADell’s Wireless Intrusion Protection (WIP) module integrates wireless intrusion protection into
the mobile edge infrastructure. The WIP module provides wired and wireless AP detection, classification and
containment; detects DoS and impersonation attacks; and prevents client and network intrusions.
Cisco WLSE (1100 and 1200 IOS)—AWMS fetches rogue information from the HTTP interface and gets
new AP information from SOAP API. This system provides wireless discovery information rather than rogue
detection information.
AirMagnet Enterprise—Retrieves a list of managed APs from AWMS.
AirDefense—Uses the AWMS XML API to keep its list of managed devices up to date.
WildPackets OmniPeek—Retrieves a list of managed APs from AWMS.
NOTE: To set up a scan, refer to “Discovering and Adding Devices” on page107.
- Dell PowerConnect W 1
- AirWave 7.2 1
- Contents 3
- About This Guide 11
- Notice Icons 12
- Contacting Support 12
- Chapter 1 13
- VisualRF 14
- Master Console and Failover 15
- Chapter 2 17
- Getting Started 18
- Completing the Installation 20
- AWMS Navigation Basics 22
- Navigation Section 23
- Activity Section 24
- Help Links in the GUI 25
- Common List Settings 25
- Buttons and Icons 25
- Function Image 26
- Description 26
- Getting Started with AWMS 27
- Chapter 3 29
- Customizing Columns in Lists 30
- Resetting Pagination Records 31
- Using the Pagination Widget 31
- Customized Search 33
- Table 8: 35
- Creating AWMS Users 43
- Creating AWMS User Roles 44
- Introduction to Cisco WLSE 57
- Discovering Devices 58
- Managing Devices 58
- Inventory Reporting 58
- Defining Access 58
- Grouping 59
- WDS Participation 59
- Primary or Secondary WDS 59
- Configuring ACS Servers 61
- Requirement Description 64
- Deploying WMS Offload 66
- Chapter 4 69
- AWMS Groups Overview 70
- Priority Order 96
- Web Auth 96
- Comparing Device Groups 100
- Deleting a Group 101
- Modifying Multiple Devices 102
- APs/Devices > List 103
- APs/Devices > Up 103
- APs/Devices > Down 103
- Action Description 104
- Chapter 5 107
- Defining a SNMP/HTTP Scan Set 109
- Running a Scan Set 110
- What Next? 111
- Adding Universal Devices 112
- Setting Default Description 113
- Adding Universal Devices 115
- Monitoring Devices 116
- AMP Alerts 117
- IDS Events 117
- Incidents 117
- Field Description 119
- Graph Description 121
- Issues Summary section 123
- 802.11 Radio Counters Summary 124
- Recent ARM Events Log 125
- Column Description 126
- Active BSSIDs 127
- Auditing Device Configuration 130
- Configuring AP Settings 133
- Detail page 134
- Field Default Description 138
- Figure 99 140
- Message Meaning 143
- Chapter 6 149
- Viewing and Adding Templates 150
- Setting Description 151
- Configuring General Templates 154
- Using Template Syntax 155
- Push_and_exclude Command 156
- Variable Values Meaning 157
- Using AP-Specific Variables 158
- Applying Startup-config Files 159
- WDS Settings in Templates 159
- ip scp server enable 160
- Configuring a Global Template 162
- Group Name, ssid_1 163
- Subscriber 1, Value 0 163
- Chapter 7 165
- Fields 166
- Setting Up RAPIDS 167
- Rogue Containment Options 168
- Defining RAPIDS Rules 169
- Device OUI Score 170
- Rogue Device Threat Level 171
- Option Description 172
- Recommended RAPIDS Rules 173
- Score Override 177
- Audit Log 178
- Figure 123 Audit Log 179
- Chapter 8 181
- Setting Triggers for Devices 184
- Setting Triggers for Radios 184
- Setting Triggers for Users 185
- Delivering Triggered Alerts 187
- Viewing Alerts 187
- Responding to Alerts 188
- Overview of the Users Pages 189
- Page Illustration 190
- Section Description 196
- Overview of SOTI MobiControl 198
- 144 illustrates this page 202
- Accessing AWMS Documentation 203
- Log Description 207
- System Information 208
- Performance Graphs 208
- Database Statistics 208
- Disk Usage 208
- Upgrading AWMS 214
- Backing Up AWMS 214
- Running Backup on Demand 215
- Restoring from a Backup 215
- Adding Watched AWMS Stations 216
- Chapter 9 219
- Using Daily Reports 222
- Using the IDS Events Report 229
- Using the Inventory Report 230
- Using the New Users Report 234
- Using the Port Usage Report 236
- Using the RF Health Report 237
- Using the User Session Report 239
- Defining Reports 242
- Emailing Reports to Smarthost 245
- Chapter 10 247
- Icon Description 250
- Appendix A 255
- Appendix B 257
- ReefEdge Configuration 258
- Example Network Configuration 258
- Appendix C 261
- System ID: 00409625854D 262
- Initialization: OK 262
- Cisco IOS Dual Radio Template 263
- AWMS Firmware Upgrade Process 264
- Appendix D 265
- Appendix E 267
- Appendix F 269
- Appendix G 271
- Appendix H 273
- Perl-Net-IP: 276
- Berkeley DB 1.85: 276
- SWFObject v. 1.5: 276
Powiązane produkty i podręczniki dla Oprogramowanie Dell PowerConnect W-Airwave 7.2
Oprogramowanie Dell Force10 Podręcznik Użytkownika
(154 strony)
(154 strony)
© 2020, manymanuals.pl. Wszelkie prawa zastrzeżone. | 0.028 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentarze do niniejszej Instrukcji