Intrusion detection – Rockwell Automation 1783-WAPxxx Stratix 5100 Wireless Access Point User Manual User Manual

Page 127

Advertising
background image

Rockwell Automation Publication 1783-UM006A-EN-P - May 2014

127

Stratix 5100 Device Manager Parameter Definitions

Chapter 4

Intrusion Detection

Management frame protection can be used to identify adversaries that are
invoking denial of service attacks, flooding the network with associations and
probes, interjecting as rogue access points, or affecting the network performance
by attacking the QoS and radio measurement frames.

Figure 51 - Management Frame Protection

Authentication Methods Profile

Credential profiles are applied to an interface or an SSID in the same way. When
an access point connects to the network, the access point and the network
authentication device negotiate to agree upon an authentication method
supported by both devices to complete authentication. An authentication
methods profile is used to restrict the types of authentication that the access
point agrees to use.
If you wish to restrict the authentication types used to authenticate to the
network, define an authentication methods profile and assign it to the relevant
SSIDs or FastEthernet interface. The restriction may be required to prevent the
network authentication server and the access point from negotiating an
authentication method such as LEAP rather than a more secure authentication
method such as EAP-FAST.

Current Authentication Methods
Profile

Choose <NEW> if you want to add an authentication methods profile.

Credentials Name

Enter a name for the authentication methods profile if you are adding a new
profile. You can change the name if you have chosen an existing profile.

Authentication Methods

Choose the authentication methods that the access point should use to
authenticate to the network. By choosing a strong authentication method, you
can prevent the access point from allowing weaker authentication methods to be
approved. For example, if a RADIUS server supports EAP-FAST and LEAP, under
certain configurations, the server might initially employ LEAP instead of a more
secure method. If no preferred method list is defined in this parameter, LEAP may
be chosen rather than the stronger, more advantageous EAP-FAST.

Table 36 - Certificates Page Properties Parameter Descriptions

Parameter

Description

Advertising
Popular Brands
Popular manuals