Licensing

The ability to perform rare scanning is available only with the RFprotect license. However, the AP can scan ‘reg- domain’ or ‘all-reg-domain’ channels without the RFprotect license.

Working with Tarpit Shielding

The Tarpit Shielding feature is a type of wireless containment. Detected devices that are classified as rogues are contained by forcing client association to a fake channel or BSSID. This method of tarpitting is more efficient than rogue containment via repeated de-authorization requests. Tarpit Sheilding works by spoofing frames from an AP to confuse a client about its association. The confused client assumes it is associated to the AP on a different (fake) channel than the channel that the AP is actually operating on, and will attempt to communicate with the AP in the fake channel.

Tarpit Shielding works in conjunction with the deauth wireless containment mechanism. The deauth mechanism triggers the client to generate probe request and subsequent association request frames. The AP then responds with probe response and association response frames. Once the monitoring AP sees these frames, it will spoof the probe- response and association response frames, and manipulates the content of the frames to confuse the client.

A station is determined to be in the Tarpit when we see it sending data frames in the fake channel. With some clients, the station remains in tarpit state until the user manually disables and re-enables the wireless interface.

Configuring Tarpit Shielding

Tarpit shielding is configured on an AP using one of two methods:

Disable all clients—In this method, any client that attempts to associate with an AP marked for containment is sent spoofed frames.

Disable non-validclients—In this method, only non-authorized clients that attempt to associate with an AP is sent to the tarpit.

The choices for disabling Tarpit Shielding on an AP are:

Deauth-wireless-containment

Deauth-wireless-containment with tarpit-shielding (excluding-valid-clients)

Deauth-wireless-containment with tarpit-shielding

EnablingTarpit Shielding

Use the ids-general-profilecommand to configure Tarpit Shielding (for detailed information on commands refer to the Command Line Reference Guide).

ids general-profile default

wireless-containment [deauth-only none tarpit-all-sta tarpit-non-valid-sta]

Use the following show commands to view updated Tarpit Shielding status and the spoofed frames generated for an AP:

show ap monitor stats …

show ap monitor containment-info

Understanding Tarpit Shielding Licensing CLI Commands

In the ids general-profile default wireless-containment command, the ‘tarpit-non-valid-sta’ and ‘tarpit-all-sta’ options are available only with a RFprotect license. The ‘deauth-only’ and ‘none’ options are available with the Base OS license.

Dell PowerConnect W-Series ArubaOS 6.2 User Guide

Wireless Intrusion Prevention 392

Page 392
Image 392
Dell 6.2 manual Working with Tarpit Shielding, Configuring Tarpit Shielding, Licensing, EnablingTarpit Shielding

6.2 specifications

Dell 6.2 is an advanced enterprise solution that caters to the needs of businesses seeking robust performance and efficiency. As a part of Dell's commitment to innovation, the 6.2 series combines cutting-edge technologies and features that enhance productivity and deliver reliable computing experiences.

One of the standout features of the Dell 6.2 is its impressive processing power. Equipped with the latest Intel processors, it offers exceptional speed and multitasking capabilities. This allows businesses to run demanding applications effortlessly, making it ideal for data-intensive tasks such as data analysis, software development, and virtualization. The series also supports substantial RAM configurations, enabling users to manage extensive workloads without experiencing slowdowns.

In terms of storage, the Dell 6.2 line includes advanced SSD options that significantly boost data access speeds compared to traditional hard drives. This rapid access to information is vital for businesses that require quick retrieval of large datasets. Furthermore, the devices support RAID configurations, which enhances data redundancy and security, protecting critical business information from loss.

Connectivity is another critical aspect of the Dell 6.2 series. It includes multiple USB ports, HDMI outputs, and high-speed Ethernet options, ensuring that users can easily connect to various peripherals and networks. The integration of Wi-Fi 6 technology enables faster wireless connections, resulting in improved internet speeds and bandwidth efficiency, which is crucial in today’s increasingly connected workplaces.

Dell has also prioritized security in the 6.2 series. It features enhanced biometric authentication and advanced encryption methods, safeguarding sensitive data from unauthorized access. Additionally, the system's BIOS protection and automatic updates provide an added layer of security, ensuring that the device remains safe from emerging threats.

The design of the Dell 6.2 is not only sleek and modern but also built for durability. Its robust chassis is engineered to withstand the rigors of daily use, making it suitable for various business environments. This durability ensures that the investment in Dell 6.2 will last for years while maintaining performance integrity.

In summary, the Dell 6.2 series embodies a blend of speed, storage efficiency, connectivity, and security, making it a top choice for enterprises looking to enhance their computing capabilities. With its modern features and durable design, Dell 6.2 is positioned as a reliable partner in driving business success.