WIPS, Rogue AP detection – Brocade Mobility RFS7000-GR Controller System Reference Guide (Supporting software release 4.1.0.0-040GR and later) User Manual


Brocade Mobility RFS7000-GR Controller System Reference Guide


53-1001944-01

Software overview


The Access Port does not make use of any parameters (such as MAC-based authentication, VLAN-based,
etc.) configured on the RADIUS server.

WIPS

The Brocade Wireless Intrusion Protection Software (WIPS) monitors for any presence of
unauthorized rogue Access Points. Unauthorized attempts to access the WLAN are generally
accompanied by anomalous behavior as intruding MUs try to find network vulnerabilities. Basic
forms of this behavior can be monitored and reported without needing a dedicated WIPS. When the
parameters exceed a configurable threshold, the switch generates an SNMP trap and reports the
result via the management interfaces. Basic WIPS functionality does not require monitoring APs
and does not perform off-channel scanning.

NOTE

When converting a Brocade Mobility 7131N-FGR Access Point to an Intrusion Detection Sensor, the
conversion requires approximately 60 seconds.

Rogue AP detection

The switch supports the following techniques for rogue AP detection:

RF scan by Access Port on one channel

RF scan by Access Port on all channels

SNMP Trap on discovery

Authorized AP lists

Rogue AP report

RF scan by Access Port on one channel
This process requires an Access Port to assist in Rogue AP detection. It functions as follows:

The switch sends a new configuration message to the adopted AP informing it to detect Rogue
APs.

The Access Port listens for beacons on its present channel.

It passes the beacons to the switch as it receives them without any modification.

The switch processes these beacon messages to generate the list of APs.

By choosing this option for detection, all capable Access Ports will be polled.

RF scan by Access Port on all channels
The process used to scan for Rogue APs on all available channels functions as follows:

The switch sends a configuration message (with the ACS bit set and channel dwell time) to the
Access Port.

The Access Port starts scanning each channel and passes the beacons it hears on each
channel to the switch.

The Access Port resets itself after scanning all channels.

The switch then processes this information.
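
A sketch of the processing step described above: Access Ports forward unmodified beacons, and the switch builds the AP list, checks it against the authorized AP list and raises one trap per newly discovered rogue. This is an added example, not Brocade code; the function names, the BSSID-only authorization rule and the trap text are assumptions, and the sample frames are constructed.

```python
import struct

BEACON_FC0 = 0x80   # frame-control byte 0: version 0, type management, subtype beacon
BODY_OFF = 24 + 12  # MAC header, then timestamp + beacon interval + capabilities

def parse_beacon(frame: bytes):
    """Return (bssid, ssid, channel) or None if the frame is not a beacon."""
    if len(frame) < BODY_OFF or frame[0] != BEACON_FC0:
        return None
    bssid = frame[16:22].hex(":")            # address 3 of the MAC header
    ssid, channel, pos = None, None, BODY_OFF
    while pos + 2 <= len(frame):             # tagged parameters: id, length, value
        tag, length = frame[pos], frame[pos + 1]
        value = frame[pos + 2:pos + 2 + length]
        if len(value) < length:              # truncated element: stop parsing
            break
        if tag == 0 and ssid is None:        # SSID element
            ssid = value.decode("utf-8", "replace")
        elif tag == 3 and length == 1:       # DS Parameter Set: current channel
            channel = value[0]
        pos += 2 + length
    return bssid, ssid or "", channel

def rogue_report(observations, authorized):
    """observations: (access_port, raw_frame) pairs; authorized: lowercase BSSIDs.
    Assumption: APs are authorized by BSSID only. Returns (report, traps)."""
    report, traps = {}, []
    for port, frame in observations:
        parsed = parse_beacon(frame)
        if parsed is None or parsed[0] in authorized:
            continue
        bssid, ssid, channel = parsed
        if bssid not in report:              # first sighting: one trap per rogue
            report[bssid] = {"ssid": ssid, "channels": set(), "seen_by": set()}
            traps.append(f"rogue AP discovered: {bssid} ssid={ssid!r}")
        if channel is not None:
            report[bssid]["channels"].add(channel)
        report[bssid]["seen_by"].add(port)
    return report, traps

def make_beacon(bssid: str, ssid: str, channel: int) -> bytes:
    """Constructed sample input: a minimal beacon (no radiotap header, no FCS)."""
    mac = bytes.fromhex(bssid.replace(":", ""))
    hdr = struct.pack("<HH", 0x0080, 0) + b"\xff" * 6 + mac + mac + b"\x00\x00"
    fixed = struct.pack("<QHH", 0, 100, 0x0401)   # timestamp, interval, capabilities
    name = ssid.encode()
    return hdr + fixed + bytes([0, len(name)]) + name + bytes([3, 1, channel])
```

Because the match is on BSSID, an unknown AP that advertises an authorized SSID is still reported; feeding frames from several channels models the all-channel scan, and a single channel models the one-channel scan.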
