No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

S1720GFR, S2700, S5700, and S6720 V200R010C00 Web-based Configuration Guide

This document describes the configuration and maintenance of device through the web network management system. The web network management system provides the functions of viewing device information and managing the entire system, interfaces, services, ACL, QoS, routes, security, and tools.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
WIDS

WIDS

WIDS Whitelist Profile

Context

There are security risks from unauthorized devices on WLAN networks, so administrators deploy monitoring APs to monitor the WLAN networks. After the AP working mode is set to monitoring, the AP monitors wireless devices and reports wireless device information to an AC. The AC can identify unauthorized devices.

However, there may be APs of other vendors or other networks working in the existing signal coverage areas. If these APs are countered, their services will be affected. To prevent this situation, configure an authorized AP list, including an authorized MAC address list, OUI list, and SSID list. When an unauthorized AP is detected but the AP's MAC address is in the authorized MAC address list, the AP is an authorized AP. However, if the AP's MAC address is not in the authorized MAC address list, the AP's OUI and SSID must be both in the authorized OUI and SSID lists; otherwise, the AP is a rogue AP.

Procedure

  • Create a WIDS whitelist profile.
    1. Choose Configuration > Wireless Services > Profile > WIDS > WIDS Whitelist Profile. The WIDS Whitelist Profile List page is displayed.
    2. Click Create. The Create WIDS Whitelist Profile page is displayed.
    3. Enter the name of the new WIDS whitelist profile in Profile name.

      To copy all parameters from another profile to the new profile, select the name of the profile in Copy parameters from other profiles. If None is selected, parameters are not copied from another profile.

    4. Click OK. The parameter setting page of the new WIDS whitelist profile is displayed.



    5. Set parameters for creating a WIDS whitelist profile. Table 1-201 describes the parameters for creating a WIDS whitelist profile.

      Table 1-201  Parameters for creating a WIDS whitelist profile

      Parameter

      Description

      WIDS Whitelist Profile

      Name of the WIDS whitelist profile, which cannot be modified.

      MAC Whitelist

      Maintain MAC addresses in the whitelist.
      • Adding MAC addresses one by one

        # Click Add. The Add MAC Address page is displayed.

        # Enter a MAC address and click . Multiple MAC addresses can be added. Click to delete the selected MAC address.

        # Click OK

      • Adding MAC addresses in batches

        # Click Batch Import. The Import MAC Address page is displayed.

        # Click and select the MAC file containing MAC addresses that you want to import, and click Import.
        NOTE:
        You can click to download the MAC template.

        # Click Apply. In the Info dialog box that is displayed, click OK.

      • Deleting MAC addresses

        # Select the MAC address that you want to delete and click Delete. In the Confirm dialog box that is displayed, click OK.

      OUI Whitelist

      OUI to be added to the OUI whitelist. To add an OUI, enter an OUI and click . You can repeat the operation to add multiple OUIs. Click to delete the selected OUI.

      SSID Whitelist

      SSID to be added to the SSID whitelist. To add an SSID, enter an SSID and click . You can repeat the operation to add multiple SSIDs. Click to delete the selected SSID.

    6. Click Apply. In the Info dialog box that is displayed, click OK.
  • Modify a WIDS whitelist profile.
    1. Choose Configuration > Wireless Services > Profile > WIDS > WIDS Whitelist Profile. The WIDS Whitelist Profile List page is displayed.
    2. Click the name of the WIDS whitelist profile that you want to modify. The WIDS whitelist profile configuration page is displayed.
    3. Set parameters for modifying a WIDS whitelist profile. Table 1-201 describes the parameters for modifying a WIDS whitelist profile.
    4. Click Apply. In the Info dialog box that is displayed, click OK.
  • Delete a WIDS whitelist profile.
    1. Choose Configuration > Wireless Services > Profile > WIDS > WIDS Whitelist Profile. The WIDS Whitelist Profile List page is displayed.
    2. Select the profile that you want to delete and click Delete. In the Confirm dialog box that is displayed, click OK.
  • Display the profile reference relationship.
    1. Choose Configuration > Wireless Services > Profile > WIDS > WIDS Whitelist Profile. The WIDS Whitelist Profile List page is displayed.
    2. Select the profile of which you want to display the reference relationship and click Display Reference Relationship. The system displays the types and names of the objects that reference the profile.

      NOTE:

      Click Hide Reference Relationship. The system hides the displayed results.

WIDS Spoof SSID Profile

Context

WLAN services are available in public places, such as banks and airports. Users can connect to the WLANs after associating with corresponding SSIDs. If a rogue AP is deployed and provides spoofing SSIDs similar to authorized SSIDs, the users may be misled and connect to the rogue AP, which brings security risks. To address this problem, configure a fuzzy matching rule to identify spoofing SSIDs. The device compares a detected SSID with the matching rule. If the SSID matches the rule, the SSID is considered a spoofing SSID. The AP using the spoofing SSID is a rogue AP. The device then take countermeasures against the rogue AP, forcing users to disconnect from the AP.

Procedure

  • Create an SSID profile.
    1. Choose Configuration > Wireless Services > Profile > WIDS > WIDS Spoof SSID Profile. The WIDS Spoof SSID Profile List page is displayed.
    2. Click Create. The Create WIDS Spoof SSID Profile page is displayed.
    3. Enter the name of the new WIDS spoof SSID profile in Profile name.

      To copy all parameters from another profile to the new profile, select the name of the profile in Copy parameters from other profiles. If None is selected, parameters are not copied from another profile.

    4. Click OK. The parameter setting page of the new WIDS spoof SSID profile is displayed.



    5. Set parameters for creating a WIDS spoof SSID profile. Table 1-202 describes the parameters for modifying an SSID profile.

      Table 1-202  Parameters for creating a WIDS spoof SSID profile

      Parameter

      Description

      WIDS Spoof SSID Profile

      Name of the WIDS spoof SSID profile, which cannot be modified.

      Rule for identifying spoofing SSIDs

      Regular expression of an SSID. After this parameter is set, click . If a detected SSID matches the regular expression, the SSID is considered a spoofing SSID. Repeat the preceding steps to add multiple rules for identifying spoofing SSIDs. Click to delete the selected rule for identifying spoofing SSIDs.

    6. Click Apply. In the Info dialog box that is displayed, click OK.
  • Modify an SSID profile.
    1. Choose Configuration > Wireless Services > Profile > WIDS > WIDS Spoof SSID Profile. The WIDS Spoof SSID Profile List page is displayed.
    2. Click the name of the WIDS spoof SSID profile that you want to modify. The WIDS spoof SSID profile configuration page is displayed.
    3. Set parameters for modifying a WIDS spoof SSID profile. Table 1-202 describes the parameters for modifying an SSID profile.
    4. Click Apply. In the Info dialog box that is displayed, click OK.
  • Delete an SSID profile.
    1. Choose Configuration > Wireless Services > Profile > WIDS > WIDS Spoof SSID Profile. The WIDS Spoof SSID Profile List page is displayed.
    2. Select the profile that you want to delete and click Delete. In the Confirm dialog box that is displayed, click OK.
  • Display the profile reference relationship.
    1. Choose Configuration > Wireless Services > Profile > WIDS > WIDS Spoof SSID Profile. The WIDS Spoof SSID Profile List page is displayed.
    2. Select the profile of which you want to display the reference relationship and click Display Reference Relationship. The system displays the types and names of the objects that reference the profile.

      NOTE:

      Click Hide Reference Relationship. The system hides the displayed results.

WIDS Profile

Context

A WIDS profile can be used to configure parameters for the wireless device detection, rogue device containment, and attack detection functions.

Procedure

  • Create a WIDS profile.
    1. Choose Configuration > Wireless Services > Profile > WIDS > WIDS Profile. The WIDS Profile List page is displayed.
    2. Click Create. The Create WIDS Profile page is displayed.
    3. Enter the name of the new WIDS profile in Profile name.

      To copy all parameters from another profile to the new profile, select the name of the profile in Copy parameters from other profiles. If None is selected, parameters are not copied from another profile.

    4. Click OK. The parameter setting page of the new WIDS profile is displayed.



    5. Set parameters for creating a WIDS profile. Table 1-203 describes the parameters for creating a WIDS profile.

      Table 1-203  Parameters for creating a WIDS profile

      Parameter

      Description

      WIDS Profile

      Name of the WIDS profile, which cannot be modified.

      Interval for reporting detected WLAN device information

      Interval for reporting the detected WLAN device information.

      Interval for reporting all WLAN device information

      Interval at which an AP reports all the detected WLAN device information.

      Dynamic blacklist

      Whether to enable the dynamic blacklist function. An AP can use the dynamic blacklist to filter out the blacklisted wireless devices to avoid malicious attacks.

      Detection interval

      Attack detection interval.

      Threshold for the number of possible attacks

      Possible attack count threshold in a detection interval. The device reports the detected attacks when the count threshold is exceeded.

      Quiet period

      Quiet period for attack detection. The device does not report the detected attacks in the quiet period.

      Countermeasure mode

      Countering mode set against rogue devices. After the countering mode is set, rogue devices cannot connect to the WLAN.

      STA protection whitelist

      STA protection whitelist, which is valid only when Countermeasure mode is set to STA protection.

      Select a STA whitelist as the STA protection whitelist. Only the STAs in the whitelist can access the WLAN.

    6. Click Apply. In the Info dialog box that is displayed, click OK.
  • Modify a WIDS profile.
    1. Choose Configuration > Wireless Services > Profile > WIDS > WIDS Profile. The WIDS Profile List page is displayed.
    2. Click the name of the WIDS profile that you want to modify. The WIDS profile configuration page is displayed.
    3. Set parameters for modifying a WIDS profile. Table 1-203 describes the parameters for modifying a WIDS profile.
    4. Click Apply. In the Info dialog box that is displayed, click OK.
  • Delete a WIDS profile.
    1. Choose Configuration > Wireless Services > Profile > WIDS > WIDS Profile. The WIDS Profile List page is displayed.
    2. Select the profile that you want to delete and click Delete. In the Confirm dialog box that is displayed, click OK.
  • Display the profile reference relationship.
    1. Choose Configuration > Wireless Services > Profile > WIDS > WIDS Profile. The WIDS Profile List page is displayed.
    2. Select the profile of which you want to display the reference relationship and click Display Reference Relationship. The system displays the types and names of the objects that reference the profile.

      NOTE:

      Click Hide Reference Relationship. The system hides the displayed results.

  • Configure and modify the profiles referenced by a WIDS profile.

    A WIDS profile can reference WIDS whitelist and WIDS spoof SSID profiles.

    1. Choose Configuration > Wireless Services > Profile > WIDS > WIDS Profile. The WIDS Profile List page is displayed. Click next to WIDS Profile. The system displays names of the WIDS profiles. Click next to a WIDS profile name. The profiles referenced by the WIDS profile are displayed in the menu navigation area.
    2. Click any profile referenced by the WIDS profile. The configuration page of the referenced profile is displayed on the right. You can select another profile from the drop-down list and set the profile parameters. For descriptions of the profile parameters, see its configuration page.
    3. Click Apply. In the Info dialog box that is displayed, click OK.
Translation
Download
Updated: 2019-08-21

Document ID: EDOC1000114003

Views: 50095

Downloads: 1057

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next