Brocade Communications Systems RFS6000 User Manual

702

Brocade Mobility RFS4000, RFS6000 and RFS7000 CLI Reference Guide

53-1001931-01

Wireless configuration commands

20

Example

RFController(config-wireless)#wips event 80211-replay-check-failure enable

authorized

RFController(config-wireless)#

RFController(config-wireless)#wips event fake-ap-flood threshold 88

RFController(config-wireless)#

RFController(config-wireless)#wips event ad-hoc-advertising-authorized-ssid

filter-ageout 9

RFController(config-wireless)#

wips events
[identical-source-and-destina
tion-addresses |
impersonation-attack-detect
ed|non-changing-wep-iv|rep
lay-injection-attack |
suspicious-ap-high-rssi|tkip-
mic-counter-measures-cause
d-by-station
|transmitting-device-using-in
valid-mac
|unauthorized-ap-using-auth
orized-ssid|unencrypted-stat
ion-transmission-detected]
{enable|filter-out|threshold}
{authorized|ignored|unauth
orized}

•

fake-ap-flood– Detects suspected ap flood (based on number
of APs observed in a minute)

•

frames-from-unassociated-stations – Detects frames from
unassociated stations

•

frames-with-bad-essids – filter-ageout <1-86400> – Detects
filters age-out duration for the mobile unit frames with bad
essids

•

fuzzing-all-zero-mac-address-observed– Fuzzing: All zero MAC
address Observed

•

fuzzing-invalid-frame-type-detected– Fuzzing: Invalid Frame
Type Detected

•

fuzzing-invalid-management-frame – Fuzzing: Invalid
Management Frame

•

fuzzing-invalid-sequence-number – Fuzzing: Invalid Sequence
Number

•

identical-source-and-destination-addresses – Detects
identical source and destination addresses

•

impersonation-attack-detected – Detects impersonation
attack

•

invalid-8021x-frames – Detects invalid 802.1X frames

•

non-changing-wep-iv – Detects non-changing wepiv

•

replay-injection-attack – Detects replay injection attack

•

suspicious-ap-high-rssi – Detects suspicious ap -high rssi

•

tkip-mic-counter-measures-caused-by-station – Filters mobile
units causing tkip mic counter measures

•

transmitting-device-using-invalid-mac – Detects transmitting
device using invalid MAC

•

unauthorized-ap-using-authorized-ssid – Detects
unauthorized ap using authorized ssid

•

unencrypted-station-transmission-detected – Detects
unencrypted wired leakage

For the above parameters, the following values are set.

•

enable – Enables monitoring, filtering and triggering
alarms

•

filter-ageout <ageout> – Sets the number of seconds
mobile units are filtered in the range <1-86400>

•

threshold<1-65535> – Configures the threshold of
events allowed in the detection window

•

authorized – Triggers against authorized devices

•

ignored – Triggers against ignored devices

•

unauthorized – Triggers against unauthorized
devices

reset-to-default

Reset to default settings