Wlan ids configuration task list – H3C Technologies H3C MSR 50 User Manual
Page 67
58
•
Dynamic blacklist—Contains the MAC addresses of clients forbidden to access the WLAN. A client
is dynamically added to the list if it is considered sending attacking frames until the timer of the
entry expires.
When an AP receives an 802.11 frame, it checks the source MAC address of the frame and processes the
frame by following these rules:
1.
If the source MAC address does not match any entry in the white list, the frame is dropped. If there
is a match, the frame is considered valid and is processed further.
2.
If no white list entries exist, the static and dynamic blacklists are searched.
3.
If the source MAC address matches an entry in any of the two lists, the frame is dropped.
4.
If there is no match, or no blacklist entries exist, the frame is considered valid and is processed
further.
Figure 25 Frame filtering
If client 1 is present in the backlist, it cannot associate with the fat AP. If it is only in the white list, it can
get associated with the fat AP.
WLAN IDS configuration task list
Task Description
Required.
.
Optional.
Displaying and maintaining attack
detection
Configuring blacklist and whitelist
Optional.