You are here: Home > CLI Commands > Just_CLI_Topics > ids ap-classification-rule

ids ap-classification-rule

ids ap-classification-rule <rule-name>

check-min-discovered-aps

classify-to-type [neighbor|suspected-rogue]

clone <source>

conf-level-incr <conf-level-incr>

discovered-ap-cnt <discovered-ap-cnt>

match-ssids

no

snr-max <snr-max>

snr-min <snr-min>

ssid <ssid>

Description

This command configures the IDSIntrusion Detection System. IDS monitors a network or systems for malicious activity or policy violations and reports its findings to the management system deployed in the network. AP classification rule profile.

Syntax

Parameter

Description

Range

Default

<rule-name>

Name of the AP classification rule profile.

check-min-discovered-aps

Enables a rule check for the minimum number of APs.

true

classify-to-type

Specifies the AP classification type as neighbor or suspected-rogue if the rule is matched.

suspected-rogue

clone <source>

Copies data from another AP classification rule profile.

conf-level-incr

Increases the confidence level (in percentage) when the rule matches.

0-100

5

discovered-ap-cnt

<discovered-ap-cnt>

The number of APs to be discovered.

0-100

0

match-ssids

Matches SSIDsService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network..

true

false

false

no

Negates any configured parameter.

snr-max <snr-max>

Configures the maximum SNRSignal-to-Noise Ratio. SNR is used for comparing the level of a desired signal with the level of background noise. value.

0-100

0

snr-min <snr-min>

Configures the minimum SNRSignal-to-Noise Ratio. SNR is used for comparing the level of a desired signal with the level of background noise. value.

0-100

0

ssid <ssid>

Enter the keyword ssid followed by the SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. string to be matched or excluded

Usage Guidelines

AP classification rule configuration is performed only on the Mobility Master. If AMPAirWave Management Platform. AMP is a network management system for configuring, monitoring, and upgrading wired and wireless devices on your network. is enabled via the mobility-manager command, then processing of the AP classification rules is disabled on Mobility Master. A rule is identified by its ASCIIAmerican Standard Code for Information Interchange. An ASCII code is a numerical representation of a character or an action. character string name (32 characters maximum). The AP classification rules must have one of the following specifications:

SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. of the AP

SNRSignal-to-Noise Ratio. SNR is used for comparing the level of a desired signal with the level of background noise. of the AP

Discovered-AP-Count or the number of APs that can see the AP

After you have created an AP classification rule, you must enable the rule by adding it to the IDSIntrusion Detection System. IDS monitors a network or systems for malicious activity or policy violations and reports its findings to the management system deployed in the network. AP Matching Rules profile:

ids ap-rule-matching

rule-name <name>

SSID specification

Each rule can have up to six SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. parameters. If one or more SSIDsService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. are specified in a rule, an option of whether to match any of the SSIDsService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network., or to not match all of the SSIDsService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. can be specified. The default is to check for a match operation.

SNR specification

Each rule can have only one specification of the SNRSignal-to-Noise Ratio. SNR is used for comparing the level of a desired signal with the level of background noise.. A minimum and maximum can be specified in each rule, and the specification is in SNRSignal-to-Noise Ratio. SNR is used for comparing the level of a desired signal with the level of background noise. (db).

Discovered-AP-Count specification

Each rule can have only one specification of the discovered-AP-count. Each rule can specify a minimum or maximum of the discovered-AP-count. The minimum or maximum operation must be specified if the discovered-AP-count is specified. The default setting is to check for the minimum discovered-AP-count.

Example

The following example configures the AP Configuration Rule Profile named “rule1”, and then enables the rule by adding it to the IDSIntrusion Detection System. IDS monitors a network or systems for malicious activity or policy violations and reports its findings to the management system deployed in the network. AP Matching Rules profile:

(host) [mynode] (config) #ids ap-classification-rule rule1

(host) [mynode] (IDS AP Classification Rule Profile "rule1") #check-min-discovered-aps

(host) [mynode] (IDS AP Classification Rule Profile "rule1") #classify-to-type neighbor

Related Commands

Command

Description

show ids ap-classification-rule

Displays the IDSIntrusion Detection System. IDS monitors a network or systems for malicious activity or policy violations and reports its findings to the management system deployed in the network. AP classification rule profile.

Command History

Release

Modification

ArubaOS 8.0.0.0

Command introduced.

Command Information

Platforms

License

Command Mode

All platforms

Requires the RFprotect license.

Config mode on Mobility Master.

/*]]>*/