WIDS Whitelist Profile
Context
There are security risks from unauthorized devices on WLAN networks, so administrators deploy monitoring APs to monitor the WLAN networks. After the AP working mode is set to monitoring, the AP monitors wireless devices and reports wireless device information to an AC. The AC can identify unauthorized devices.
However, there may be APs of other vendors or other networks working in the existing signal coverage areas. If these APs are countered, their services will be affected. To prevent this situation, configure an authorized AP list, including an authorized MAC address list, OUI list, and SSID list. When an unauthorized AP is detected but the AP's MAC address is in the authorized MAC address list, the AP is an authorized AP. However, if the AP's MAC address is not in the authorized MAC address list, the AP's OUI and SSID must be both in the authorized OUI and SSID lists; otherwise, the AP is a rogue AP.
Procedure
- Create a WIDS whitelist profile.
- Click OK. The parameter setting page of the new WIDS whitelist profile is displayed.
- Set parameters for creating a WIDS whitelist profile. Table 9-37 describes the parameters for creating a WIDS whitelist profile.
Table 9-37 Parameters for creating a WIDS whitelist profile
Parameter
Description
WIDS Whitelist Profile
Name of the WIDS whitelist profile, which cannot be modified.
MAC Whitelist
Maintain MAC addresses in the whitelist.Adding MAC addresses one by one
# Click Add. The Add MAC Address page is displayed.
# Enter a MAC address and click
. Multiple MAC addresses can be added. Click
to delete the selected MAC address.
# Click OK
Adding MAC addresses in batches
# Click Batch Import. The Import MAC Address page is displayed.
# Clickand select the MAC file containing MAC addresses that you want to import, and click Import.
NOTE:You can clickto download the MAC template.
# Click Apply. In the Info dialog box that is displayed, click OK.
Deleting MAC addresses
# Select the MAC address that you want to delete and click Delete. In the Confirm dialog box that is displayed, click OK.
OUI Whitelist
OUI to be added to the OUI whitelist. To add an OUI, enter an OUI and click
. You can repeat the operation to add multiple OUIs. Click
to delete the selected OUI.
SSID Whitelist
SSID to be added to the SSID whitelist. To add an SSID, enter an SSID and click
. You can repeat the operation to add multiple SSIDs. Click
to delete the selected SSID.
- Click OK. The parameter setting page of the new WIDS whitelist profile is displayed.
- Modify a WIDS whitelist profile.
- Choose . The WIDS Whitelist Profile List page is displayed.
- Click the name of the WIDS whitelist profile that you want to modify. The WIDS whitelist profile configuration page is displayed.
- Set parameters for modifying a WIDS whitelist profile. Table 9-37 describes the parameters for modifying a WIDS whitelist profile.
- Click Apply. In the Info dialog box that is displayed, click OK.
- Delete a WIDS whitelist profile.
- Choose . The WIDS Whitelist Profile List page is displayed.
- Select the profile that you want to delete and click Delete. In the Confirm dialog box that is displayed, click OK.
- Display the profile reference relationship.
- Select the profile of which you want to display the reference relationship and click Display Reference Relationship. The system displays the types and names of the objects that reference the profile.
Click Hide Reference Relationship. The system hides the displayed results.
- Select the profile of which you want to display the reference relationship and click Display Reference Relationship. The system displays the types and names of the objects that reference the profile.
. Multiple MAC
addresses can be added. Click 
to delete the selected MAC address.
and select the MAC file
containing MAC addresses that you want to import, and click 
to download the MAC template.