You are here: Home > CLI Commands > Just_CLI_Topics > show ids general-profile

show ids general-profile

show ids general-profile <profile-name>

Description

Display an IDSIntrusion Detection System. IDS monitors a network or systems for malicious activity or policy violations and reports its findings to the management system deployed in the network. General profile.

Syntax

Parameter

Description

<profile-name>

Name of an IDSIntrusion Detection System. IDS monitors a network or systems for malicious activity or policy violations and reports its findings to the management system deployed in the network. General profile.

Usage Guidelines

Issue this command without the <profile-name> parameter to display the IDSIntrusion Detection System. IDS monitors a network or systems for malicious activity or policy violations and reports its findings to the management system deployed in the network. General profile list. Include a profile name to display detailed configuration information for that profile.

Examples

The example below shows that the managed device has four configured General profiles.

(host) [mynode] (config) # show ids general-profile

IDS General Profile List

------------------------

Name References Profile Status

---- ---------- --------------

default 2

helen 0

wired-lb 1

Wizard-test2 1

Total:4

In the example above, the Reference column indicates the number of references to the profile named in the Name column. The Profile Status column is blank unless the rule is predefined.

The example below displays the settings for the profile Michael.

 

(host) (config) #show ids general-profile Michael

 

IDS General Profile "Michael"

---------------------------

Parameter Value

--------- -----

Adhoc AP Max Unseen Timeout 180 sec

Adhoc (IBSS) AP Inactivity Timeout 5 sec

AP Inactivity Timeout 20 sec

AP Max Unseen Timeout 600 sec

Frame Types for RSSI calculation ba pr dlow dnull mgmt ctrl

IDS Event Generation on AP none

Max Monitored Stations 1024

Max Unassociated Stations 256

Min Potential AP Beacon Rate 25 %

Min Potential AP Monitor Time 2 sec

Mobility Manager RTLS false

Monitored Device Stats Update Interval 0 sec

Packet SNR Threshold 0

Send Adhoc Info to Controller true

Signature Quiet Time 900 sec

STA Inactivity Timeout 60 sec

STA Max Unseen Timeout 600 sec

Stats Update Interval 60 sec

Wired Containment true

Wired Containment of AP's Adj MACs true

Wired Containment of Suspected L3 Rogue false

Wireless Containment deauth-only

Debug Wireless Containment false

WMS Client Monitoring all

The output of this command includes the following parameters:

Parameter

Description

Adhoc AP Max Unseen Timeout

Ageout time in seconds since ad hoc (IBSS) AP was last seen.

Adhoc (IBSS) AP Inactivity Timeout

Ad hoc (IBSS) AP inactivity timeout in number of scans.

AP Inactivity Timeout

Time, in seconds, after which an AP is aged out.

AP Max Unseen Timeout

Ageout time, in seconds, since AP was last seen.

Frame Types for RSSI calculation

Frame types used in AMAir Monitor. AM is a mode of operation supported on wireless APs. When an AP operates in the Air Monitor mode, it enhances the wireless networks by collecting statistics, monitoring traffic, detecting intrusions, enforcing security policies, balancing wireless traffic load, self-healing coverage gaps, and more. However, clients cannot connect to APs operating in the AM mode. RSSIReceived Signal Strength Indicator. RSSI is a mechanism by which RF energy is measured by the circuitry on a wireless NIC (0-255). The RSSI is not standard across vendors. Each vendor determines its own RSSI scale/values. calculation.

IDS Event Generation on AP

Enable or disable IDSIntrusion Detection System. IDS monitors a network or systems for malicious activity or policy violations and reports its findings to the management system deployed in the network. event generation from the AP. Event generation from the AP can be enabled for syslogs, traps, or both. This does not affect generation of IDSIntrusion Detection System. IDS monitors a network or systems for malicious activity or policy violations and reports its findings to the management system deployed in the network. correlated events on the switch.

Max Monitored Stations

Maximum number of monitored stations.

Max Unassociated Stations

Maximum number of unassociated stations.

Min Potential AP Beacon Rate

Minimum beacon rate acceptable from a potential AP, in percentage of the advertised beacon interval.

Min Potential AP Monitor Time

Minimum time, in seconds, a potential AP has to be up before it is classified as a real AP.

Mobility Manager RTLS

Shows if RTLSReal-Time Location Systems. RTLS automatically identifies and tracks the location of objects or people in real time, usually within a building or other contained area. communication with the configured mobility-manager is enabled or disabled.

Monitored Device Stats Update Interval

Time interval, in seconds, for AP to update the switch with stats for monitored devices. Minimum is 60.

Packet SNR Threshold

The packet Signal to Noise Ratio (SNRSignal-to-Noise Ratio. SNR is used for comparing the level of a desired signal with the level of background noise.) threshold. All packets with SNRSignal-to-Noise Ratio. SNR is used for comparing the level of a desired signal with the level of background noise. below this threshold is dropped from IDSIntrusion Detection System. IDS monitors a network or systems for malicious activity or policy violations and reports its findings to the management system deployed in the network. and ARMAdaptive Radio Management. ARM dynamically monitors and adjusts the network to ensure that all users are allowed ready access. It enables full utilization of the available spectrum to support maximum number of users by intelligently choosing the best RF channel and transmit power for APs in their current RF environment. processing.

No packets are dropped if the threshold is set to 0.

Send Adhoc Info to Controller

Enable or disable sending ad hoc information to the managed device from the AP.

Signature Quiet Time

After a signature match is detected, the time to wait, in seconds, to resume checking.

STA Inactivity Timeout

Time, in seconds, after which a station is aged out.

STA Max Unseen Timeout

Time, in seconds, after which an AP is aged out.

Stats Update Interval

Interval, in seconds, for the AP to update the managed device with statistics. This setting takes effect only if the Aruba Mobility Manager is configured. Otherwise, statistics update to the managed device is disabled.

Wired Containment

Shows if the profile has enabled or disabled containment from the wired side.

Wired Containment of AP's Adj MACs

Shows if the profile has enabled or disabled wired containment of MACs offset by one from APs BSSIDBasic Service Set Identifier. The BSSID identifies a particular BSS within an area. In infrastructure BSS networks, the BSSID is the MAC address of the AP. In independent BSS or ad hoc networks, the BSSID is generated randomly..

Wired Containment of Suspected L3 Rogue

Shows if the profile has enabled or disabled the feature to identify and contain an AP with a preset wired MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. address that is completely different from the AP’s BSSIDBasic Service Set Identifier. The BSSID identifies a particular BSS within an area. In infrastructure BSS networks, the BSSID is the MAC address of the AP. In independent BSS or ad hoc networks, the BSSID is generated randomly.. where the MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. address that the AP provides to wireless clients as a ‘gatewayGateway is a network node that allows traffic to flow in and out of the network. MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. ’ is offset by one character from its wired MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. address.

Wireless Containment

Shows if the profile has enabled or disabled containment from the wireless side.

Debug Wireless Containment

Shows if the profile has enabled or disable debugging of containment from the wireless side.

Wired Containment of AP’s Adj MACs

Enable or disable wired containment of MACs offset by one from APs BSSIDBasic Service Set Identifier. The BSSID identifies a particular BSS within an area. In infrastructure BSS networks, the BSSID is the MAC address of the AP. In independent BSS or ad hoc networks, the BSSID is generated randomly..

Related Commands

Command

Description

ids general-profile

This command configures an IDSIntrusion Detection System. IDS monitors a network or systems for malicious activity or policy violations and reports its findings to the management system deployed in the network. general profile.

Command History

Release

Modification

ArubaOS 8.0.0.0

Command Introduced.

Command Information

Platforms

License

Command Mode

All platforms

Requires the RFprotect license.

Config mode on Mobility Master.

/*]]>*/