Brocade Mobility RFS7000-GR Controller System Reference Guide (Supporting software release 4.1.0.0-040GR and later) User Manual

310

Brocade Mobility RFS7000-GR Controller System Reference Guide

53-1001944-01

AP intrusion detection

6

3. Enable AP assisted scanning and timeout intervals as required.

4. Refer to the MU Assisted Scan field to enable associated MUs to assist in the detection of

Access Points.

NOTE

When using MU Assisted Scans with a Brocade Mobility 7131N-FGR Access Point the MU Assisted
scan will begin as soon as the Enable checkbox is selected. Subsequent scans will take place based
on the time defined in the Refresh Time field.

5. Click the Apply button to save the changes made.

6. Click the Revert button to cancel any changes and revert back to the last saved configuration.

7. Refer to the Allowed APs field to view the policies used for interpreting Access Points as

allowed.

Enable

Select the Enable

checkbox to enable associated Access Ports to detect potentially

hostile Access Points (the definition of which defined by you). Once detected, the
Access Points can be added to a list of APs either approved or denied from
interoperating within the switch managed network.

Authorized AP timeout

Define a value (in seconds) the switch uses to timeout (previously authorized)
Access Points that have not communicated with the switch. The range is from
1-65535 seconds, with a default of 300 seconds. This value is helpful for
continually re-validating Access Points that interoperate within the switch
managed network.

Unauthorized AP
timeout

Define a value (in seconds) the switch uses to remove Access Points that have not
communicated with the switch. The range is from 1-65535 seconds, with a default
of 300 seconds.

Ignored AP timeout

Define a value (in seconds) the switches uses to remove Access Points that have
not communicated with the switch. The range is from 1-65535 seconds, with a
default of 300 seconds.

Enable

Select the Enable checkbox to enable associated MUs to detect potentially hostile
Access Points (the definition of which defined by you). Once detected, these
devices can be added to a list of Access Points either approved or denied from
interoperating within the switch managed network.

Refresh Time

Define a value (in seconds) associated MUs use to scan for Access Points. The
range is from 300 - 86400 seconds, with a default of 1800 seconds.

Index

Displays the numerical identifier (index value) assigned to this particular set of
Allowed APs. Assign this value by clicking Add for a new set of Access Point
address information or click the Edit button to revise the index. The Index can be
used as reference to group specific devices numerically to a specific range of MAC
or ESSID addresses. This user cannot modify the index from this screen.

BSS MAC Address

Displays the MAC address of the Allowed AP(s). The MAC addresses displayed are
defined by clicking the Add button and entering a specific MAC address or by
allowing all MAC addresses to be allowed. The list of MAC addresses allowed can
be modified by highlighting an existing entry, clicking the Edit button and revising
the properties of the MAC address.