Configuration Guide Configuring WIDS
The whitelist includes the MAC addresses of admitted STAs. If the whitelist function is enabled, only the listed STAs can access the WLAN,
and the AP directly discards all packets from other STAs, which reduces the impact of illegal packets in the WLAN.
Static Blacklist
The static blacklist includes the MAC addresses of the denied STAs. If the static blacklist function is enabled, all packets from the
listed STAs will be discarded.
Dynamic Blacklist
The dynamic blacklist includes the MAC addresses of the denied STAs. You can configure the dynamic blacklist if DDoS attacks
are detected. For example, the MAC address of a detected attacker can be added to the blacklist dynamically so that no
packet from it is received, thereby ensuring WLAN security.
SSID-based Whitelist
The SSID-based whitelist includes MAC addresses of the STAs admitted into a specified SSID. You can configure the
SSID-based whitelist. If the SSID-based whitelist function is enabled, only the STAs in the whitelist of the SSID are allowed
access, and all packets from other STAs will be directly discarded by the AP, so as to reduce the impact of illegal packets in
WLAN.
SSID-based Blacklist
The SSID-based blacklist includes MAC addresses of the STAs denied by a specified SSID. You can configure the
SSID-based blacklist. If the SSID-based blacklist function is enabled, all packets from the listed STAs will be discarded by the
AP.
2.3.2 IDS
To find and defend against malicious or unintentional attacks in the WLAN in a timely manner, IDS supports the detection of
multiple attack types. When an attack is detected, an alert or a log is generated to prompt the network administrator to handle it.
Based on the detection results, the network administrator can promptly adjust the network configuration to eliminate the insecure
factors in the WLAN.
Currently, our devices support the following types of IDS attack detection:
DDoS attack detection
Flooding attack detection
Spoofing attack detection
Weak IV detection
Working Principle
DDoS Attack Detection
A DDoS attack means that attackers send a large number of attack packets to targeted devices in a short period of
time (ARP, ICMP and SYN packets are currently identified), which affects legitimate STAs associating with the
attacked device.
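
The following added example (not taken from this guide or from the device software) models how DDoS detection can feed the dynamic blacklist: it counts ARP, ICMP and SYN packets per source MAC in a sliding window and blacklists a source that exceeds a threshold. The window length, threshold, class and function names, and the sample traffic are all assumptions made for illustration.

```python
from collections import defaultdict, deque

# Assumed values for illustration; the guide does not state thresholds.
WINDOW_SECONDS = 1.0
THRESHOLD = 5                        # packets of one type per source per window
MONITORED = {"ARP", "ICMP", "SYN"}   # packet types the guide names


class DdosDetector:
    """Hypothetical per-source sliding-window counter feeding a dynamic blacklist."""

    def __init__(self, window=WINDOW_SECONDS, threshold=THRESHOLD):
        self.window = window
        self.threshold = threshold
        self.seen = defaultdict(deque)   # (mac, packet type) -> timestamps
        self.dynamic_blacklist = set()
        self.alerts = []                 # (time, mac, packet type, count)

    def process(self, ts, src_mac, ptype):
        """Return 'drop' or 'forward' for one packet observed at time ts."""
        mac = src_mac.lower()            # normalise so case cannot bypass the list
        if mac in self.dynamic_blacklist:
            return "drop"                # blacklisted source: discard every packet
        if ptype not in MONITORED:
            return "forward"
        q = self.seen[(mac, ptype)]
        q.append(ts)
        while q and ts - q[0] > self.window:
            q.popleft()                  # expire samples outside the window
        if len(q) > self.threshold:
            self.dynamic_blacklist.add(mac)
            self.alerts.append((ts, mac, ptype, len(q)))
            del self.seen[(mac, ptype)]
            return "drop"
        return "forward"


def run_sample():
    """Replay constructed traffic: one flooding source and one normal STA."""
    det = DdosDetector()
    noisy, normal = "00:11:22:AA:BB:01", "00:11:22:aa:bb:02"
    verdicts = []
    for i in range(10):                  # 10 SYN packets within 0.5 s
        verdicts.append(det.process(i * 0.05, noisy, "SYN"))
    for i in range(10):                  # 1 ARP packet per second
        verdicts.append(det.process(float(i), normal, "ARP"))
    return det, verdicts
```

In the constructed traffic the flooding source is blacklisted on its sixth SYN packet and every later packet from it is dropped, while the STA sending one ARP packet per second is never affected.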