Chapter 1 Overview

Intrusion Detection Service (IDS)

Allows changes to Cisco 1000 series lightweight access point sensitivity for pico cells.

Allows control of Cisco 1000 series lightweight access point fallback behavior to optimize pico cell use.

Supports heat maps for directional antennas.

Allows specific control over blacklisting events

Allows configuring and viewing basic LWAPP configuration using the Cisco 1000 series lightweight access point CLI.

Intrusion Detection Service (IDS)

Intrusion Detection Service includes the following:

Sensing Clients probing for “ANY” SSID

Sensing if Cisco 1000 series lightweight access points are being contained

Notification of MiM Attacks, NetStumbler, Wellenreiter

Management Frame Detection and RF Jamming Detection

Spoofed Deauthentication Detection (AirJack, for example)

Broadcast Deauthorization Detection

Null Probe Response Detection

Fake AP Detection

Detection of Weak WEP Encryption

MAC Spoofing Detection

AP Impersonation Detection

Honeypot AP Detection

Valid Station Protection

Misconfigured AP Protection

Rogue Access Point Detection

AD-HOC Detection and Protection

Wireless Bridge Detection

Asleep Detection / Protection

Wireless LAN Controller Platforms

Cisco controllers are enterprise-class high-performance wireless switching platforms that support 802.11a and 802.11b/802.11g protocols. They operate under control of the operating system, which includes the Radio Resource Management (RRM), creating a Cisco WLAN Solution that can automatically adjust to real-time changes in the 802.11 RF environment. The controllers are built around high-performance network and security hardware, resulting in highly-reliable 802.11 enterprise networks with unparalleled security.

Cisco Wireless LAN Controller Configuration Guide

 

OL-8335-02

1-15

 

 

 

Page 37
Image 37
Cisco Systems 3.2 manual Intrusion Detection Service IDS, Wireless LAN Controller Platforms