DWS-3160 Series Gigabit Ethernet Unified Switch Web UI Reference Guide
434
Not Present in OUI
Database Test
Select
Enabled
to check whether a client is present in the OUI DB Test.
Not Present in Known
Client Database Test
Select
Enabled
to check whether the client, which is identified by its MAC
address, is listed in the Known Client Database and is allowed access to the AP
either through the Authentication Action of Grant or through the White List global
action.
If the client is in the Known Client Database and has an action of Deny, or if the
action is Global Action and it is globally set to Black List, the client fails this test.
Configured
Authentication Rate Test
Select
Enabled
to check whether the client has exceeded the configured rate for
transmitting 802.11 authentication requests.
Configured Probe
Requests Rate Test
Select
Enabled
to check whether the client has exceeded the configured rate for
transmitting probe requests.
Configured De-
Authentication Request
Rate Test
Select
Enabled
to check whether the client has exceeded the configured rate for
transmitting de-authentication requests.
Maximum Authentication
Failures Test
Select
Enabled
to check whether the client has exceeded the maximum number
of failed authentications.
Authentication with
Unknown AP Test
Select
Enabled
to check whether a client in the Known Client database is
authenticated with an unknown AP.
Client Thread Mitigation
Select
Enabled
to send de-authentication messages to clients that are in the
Known Clients database but are associated with unknown APs.
Authentication
with Unknown AP Test
must also be enabled in order for the mitigation to take
place. Select
Disabled
to allow clients in the Known Clients database to remain
authenticated with an unknown AP.
Known Client Database
Lookup Method
Specify whether the Switch should use the
Local
or
RADIUS
database for the
lookups in the Known Client database when detecting a client on the network.
Rogue Detected Trap
Interval (60-3600 seconds
or 0 is disable)
Enter the interval, in seconds, between transmissions of the SNMP trap telling the
administrator that rogue APs are present in the RF Scan database. Enter
0
to
disable the function.
De-Authentication
Requests Threshold
Interval (1-3600 seconds)
Enter the number of seconds an AP should spend counting the de-authentication
messages sent by wireless clients.
De-Authentication
Requests Threshold
Value (1-99999)
Enter a threshold value. When the Switch receives more messages than the
specified value during the threshold interval, the test triggers.
Authentication Requests
Threshold Interval (1-
3600 seconds)
Enter the number of seconds an AP should spend counting the authentication
messages sent by wireless clients.
Authentication Requests
Threshold Value (1-
99999)
Enter a threshold value. When the Switch receives more messages than the
specified value during the threshold interval, the test triggers.
Probe Requests
Threshold Interval (1-
3600 seconds)
Enter the number of seconds an AP should spend counting the probe messages
sent by wireless clients.
Probe Requests
Threshold Value (1-
99999)
Enter the number of probe requests a wireless client is allowed to send during the
threshold interval before the event is reported as a threat.
Authentication Failure
Threshold Value (1-
99999)
Enter the number of 802.1X authentication failures a client is allowed to have
before the event is reported as a threat.
Click the
Apply
button to accept the changes made.