D-Link DWC-2000 User Manual 68
Section 6 - Securing Your Network
2. Enable or disable the security options as desired (refer to the table below) and click Save.
Field Description
Administrator Configured Rogue AP
If the source MAC address is in the valid-AP database on the controller or on the RADIUS
server, and the AP type is marked as Rogue, then the AP state is Rogue.
Managed SSID from an Unknown AP
This test checks whether an unknown AP is using the managed network SSID. A hacker
may set up an AP with a managed SSID to fool users into associating with the AP and
revealing passwords and other secure information.
Administrators with large networks who are using multiple clusters should either use
different network names in each cluster or disable this test. Otherwise, if an AP in the
first cluster detects APs in the second cluster transmitting the same SSID as APs in the
first cluster, then these APs are reported as rogues.
Managed SSID from a Fake Managed AP
A hacker may set up an AP with the same MAC address as one of the managed APs and
configure it to send one of the managed SSIDs. This test checks for a vendor field in the
beacons which is always transmitted by managed APs. If the vendor field is not present,
then the AP is identified as a fake AP.
AP without a SSID
SSID is an optional field in beacon frames. To avoid detection, a hacker may set up an AP
with the managed network SSID, but disable SSID transmission in the beacon frames.
The AP would still send probe responses to clients that send probe requests for the
managed SSID, fooling the clients into associating with the hacker's AP.
This test detects and flags APs that transmit beacons without the SSID field. The test
is automatically disabled if any of the radios in the profiles are configured not to send
the SSID field. That setting is not recommended because it does not provide any real
security and disables this test.
Fake Managed AP on an Invalid Channel
This test detects rogue APs that transmit beacons from the source MAC address of one
of the managed APs, but on a different channel from the one on which the AP is supposed
to be operating.
Managed SSID Detection with Incorrect Security
During RF Scan the AP examines beacon frames received from other APs and determines
whether the detected AP is advertising an open network, WEP, or WPA.
If the SSID reported in the RF Scan is one of the managed networks and its configured
security does not match the detected security, then this test marks the AP as rogue.
Invalid SSID from a Managed AP
This test checks whether a known managed AP is sending an unexpected SSID. The
SSID reported in the RF Scan is compared to the list of all configured SSIDs that are
used by the profile assigned to the managed AP. If the detected SSID doesn't match any
configured SSID, then the AP is marked as rogue.
AP is Operating on an Illegal Channel
The purpose of this test is to detect hackers or incorrectly configured devices that are
operating on channels that are not legal in the country where the wireless system is set up.
Note: In order for the wireless system to detect this threat, the wireless network must contain
one or more radios that operate in sentry mode.
Standalone AP with Unexpected Configuration
If the AP is classified as a known standalone AP, then the controller checks whether
the AP is operating with the expected configuration parameters. You configure the
expected parameters for the standalone AP in the local or RADIUS Valid AP database.
This test may detect network misconfiguration as well as potential intrusion attempts.
The following parameters are checked:
• Channel Number
• SSID
• Security Mode
• WDS Mode
• Presence on a wired network
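
The beacon-based tests in the table above can be read as a set of independent checks on each RF-scan observation. The Python sketch below is an added illustration, not D-Link controller code: the Beacon fields, the MANAGED_SSIDS and MANAGED_APS tables, the MAC addresses, and the simplification that any MAC address missing from MANAGED_APS counts as "unknown" are all assumptions made for the example.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed sample configuration (hypothetical names and values).
MANAGED_SSIDS = {"corp": "wpa", "guest": "open"}   # SSID -> configured security
MANAGED_APS = {                                    # MAC -> assigned channel and profile SSIDs
    "02:00:00:00:00:01": {"channel": 6, "ssids": {"corp", "guest"}},
}

@dataclass
class Beacon:                 # one RF-scan observation (assumed data model)
    bssid: str                # source MAC address of the beacon
    ssid: Optional[str]       # None means the beacon carried no SSID field
    channel: int
    security: str             # "open", "wep" or "wpa", as detected in the scan
    vendor_field: bool        # vendor field that managed APs always transmit

def classify(b: Beacon) -> list:
    """Return the names of the table's tests that this beacon trips."""
    hits = []
    ap = MANAGED_APS.get(b.bssid.lower())
    if b.ssid is None:
        hits.append("AP without a SSID")
    if ap is None:
        # Simplification: a MAC not in MANAGED_APS is treated as an unknown AP.
        if b.ssid in MANAGED_SSIDS:
            hits.append("Managed SSID from an Unknown AP")
    else:
        if not b.vendor_field:
            hits.append("Managed SSID from a Fake Managed AP")
        if b.channel != ap["channel"]:
            hits.append("Fake Managed AP on an Invalid Channel")
        if b.ssid is not None and b.ssid not in ap["ssids"]:
            hits.append("Invalid SSID from a Managed AP")
    if b.ssid in MANAGED_SSIDS and b.security != MANAGED_SSIDS[b.ssid]:
        hits.append("Managed SSID Detection with Incorrect Security")
    return hits

if __name__ == "__main__":
    samples = [  # constructed observations
        Beacon("02:00:00:00:00:01", "corp", 6, "wpa", True),    # legitimate managed AP
        Beacon("02:00:00:00:00:99", "corp", 11, "wpa", False),  # unknown MAC, managed SSID
        Beacon("02:00:00:00:00:01", "corp", 1, "open", False),  # spoofed managed MAC
    ]
    for s in samples:
        print(s.bssid, s.ssid, classify(s) or "no test tripped")
```

The second sample also shows why the table advises multi-cluster sites to use different SSIDs or disable the unknown-AP test: a legitimate AP from another cluster looks identical to this check.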