No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fat AP and Cloud AP V200R008C00 CLI-based Configuration Guide

Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Wireless Intrusion Prevention

Wireless Intrusion Prevention

A central AP can prevent wireless intrusion of three types of unauthorized devices:
  • Rogue AP

    After a central AP identifies a rogue AP, it sends rogue AP information to a monitoring RU. The monitoring RU uses the rogue AP's identity information to broadcast a Deauthentication frame. After STAs that associate with the rogue AP receive the Deauthentication frame, they disassociate from the rogue AP. This countermeasure prevents STAs from associating with rogue APs.

    NOTE:
    • Deauthentication frames are used to terminate established wireless links. Either an AP or a STA can send a Deauthentication frame to terminate the current link.

    • Currently, a central AP supports containment against rogue APs that have the same or similar SSIDs as authorized APs managed by the central AP and open-authentication APs.

  • Unauthorized STA

    After a central AP identifies an unauthorized STA, it sends unauthorized STA information to a monitoring RU. The monitoring RU uses the unauthorized STA's identity information to unicast a Deauthentication frame. After the RU with which the unauthorized STA associates receives the Deauthentication frame, the RU disassociates from the unauthorized STA. This countermeasure prevents RUs from associating with unauthorized STAs.

  • Ad-hoc device

    After a central AP identifies an ad-hoc device, it sends the ad-hoc device information to a monitoring RU. The monitoring RU uses the ad-hoc device's identity information (BSSID and MAC address of the device) to unicast a Deauthentication frame. After the STAs that associate with the ad-hoc device receive the Deauthentication frame, the STAs disassociate from the ad-hoc device. This countermeasure prevents STAs from associating with ad-hoc devices.

Translation
Download
Updated: 2019-01-11

Document ID: EDOC1000176006

Views: 116318

Downloads: 309

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next