Configuring a wireless ids deployment, Requirements – Brocade Mobility RFS7000-GR Controller System Reference Guide (Supporting software release 4.1.0.0-040GR and later) User Manual
Page 539
Brocade Mobility RFS7000-GR Controller System Reference Guide
525
53-1001944-01
Configuring a Wireless IDS Deployment
C
•
Multiple Detection Technologies - Provides accurate and comprehensive detection by applying
multiple detection technologies including signature analysis, protocol abuse and anomalous
behavior in conjunction with correlation across multiple sensors.
•
Location Based Security - Provides location of unauthorized devices and activities using
Brocade WLAN infrastructure.
•
Reports - Provides built-in reports for PCI, HIPAA, Sarbanes-Oxley, GLBA, FDIC and DOD, as well
as forensic support to determine compliance level after the fact, should a security event occur.
•
Plug-and-Play Operation - Auto-classification allows quick policy-based authorization of APs
and devices. Network traffic can be monitored within minutes of installation, complete with the
tools to quickly interpret information for fast response to Wireless LAN threats.
•
Centralized Detection Engine - Eliminates the need to upgrade sensors individually. A single
server upgrade provides new functionality and protection against the latest attacks and new
threats.
•
Report Builder - Allows customized reports to suit your specific needs.
•
Advanced Forensics - Adds a whole new level of depth and flexibility to forensic investigations,
allowing the user to "zoom" the time period of analysis in and out, to graph data for easier
analysis, and to do historical location tracking.
Configuring a Wireless IDS Deployment
The following sections outline the configuration steps required to enable unauthorized AP
detection and intrusion detection on a switch:
•
•
•
Mobile Unit Intrusion Detection
•
To view the running configuration on the Brocade Mobility RFS7000-GR Controller used to
create this Wireless IDS tutorial, refer to
“RF Switch Running Configuration”
Requirements
The following requirements must be met prior to attempting this configuration:
•
One or more RF switches are installed and operational on the network
•
One or more Brocade Mobility 7131N-FGR Access Points configured and adopted by the switch
•
A Windows XP workstation with a console, telnet or SSH client is available to perform
configuration on the switches
•
One or more standalone access points are available to verify unauthorized AP detection and
containment.
•
One or more wireless workstations are available to test and verify unauthorized AP
containment and intrusion detection.