Aruba Instant 8.7.0.0 Online Help Center Help Center
You are here: Home > Aruba Instant User Guide > Table of Contents > Configuring IDS Using CLI

Configuring IDS

The IDSIntrusion Detection System. IDS monitors a network or systems for malicious activity or policy violations and reports its findings to the management system deployed in the network. policy for Instant APs can be created using the CLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions..

The following CLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. commands configure IDSIntrusion Detection System. IDS monitors a network or systems for malicious activity or policy violations and reports its findings to the management system deployed in the network.:

(Instant AP)(config)# ids

(Instant AP)(IDS)# ap-max-unseen-timeout <seconds>

(Instant AP)(IDS)# infrastructure-detection-level <type>

(Instant AP)(IDS)# client-detection-level <type>

(Instant AP)(IDS)# infrastructure-protection-level <type>

(Instant AP)(IDS)# client-protection-level <type>

(Instant AP)(IDS)# wireless-containment <type>

(Instant AP)(IDS)# wired-containment

(Instant AP)(IDS)# wired-containment-ap-adj-mac

(Instant AP)(IDS)# wired-containment-susp-l3-rogue

(Instant AP)(IDS)# detect-ap-spoofing

(Instant AP)(IDS)# detect-windows-bridge

(Instant AP)(IDS)# signature-deauth-broadcast

(Instant AP)(IDS)# signature-deassociation-broadcast

(Instant AP)(IDS)# detect-adhoc-using-valid-ssid

(Instant AP)(IDS)# detect-malformed-large-duration

(Instant AP)(IDS)# detect-ap-impersonation

(Instant AP)(IDS)# detect-adhoc-network

(Instant AP)(IDS)# detect-valid-ssid-misuse

(Instant AP)(IDS)# detect-wireless-bridge

(Instant AP)(IDS)# detect-ht-40mhz-intolerance

(Instant AP)(IDS)# detect-ht-greenfield

(Instant AP)(IDS)# detect-ap-flood

(Instant AP)(IDS)# detect-client-flood

(Instant AP)(IDS)# detect-bad-wep

(Instant AP)(IDS)# detect-cts-rate-anomaly

(Instant AP)(IDS)# detect-rts-rate-anomaly

(Instant AP)(IDS)# detect-invalid-addresscombination

(Instant AP)(IDS)# detect-malformed-htie

(Instant AP)(IDS)# detect-malformed-assoc-req

(Instant AP)(IDS)# detect-malformed-frame-auth

(Instant AP)(IDS)# detect-overflow-ie

(Instant AP)(IDS)# detect-overflow-eapol-key

(Instant AP)(IDS)# detect-beacon-wrong-channel

(Instant AP)(IDS)# detect-invalid-mac-oui

(Instant AP)(IDS)# detect-valid-clientmisassociation

(Instant AP)(IDS)# detect-disconnect-sta

(Instant AP)(IDS)# detect-omerta-attack

(Instant AP)(IDS)# detect-fatajack

(Instant AP)(IDS)# detect-block-ack-attack

(Instant AP)(IDS)# detect-hotspotter-attack

(Instant AP)(IDS)# detect-unencrypted-valid

(Instant AP)(IDS)# detect-power-save-dos-attack

(Instant AP)(IDS)# detect-eap-rate-anomaly

(Instant AP)(IDS)# detect-rate-anomalies

(Instant AP)(IDS)# detect-chopchop-attack

(Instant AP)(IDS)# detect-tkip-replay-attack

(Instant AP)(IDS)# signature-airjack

(Instant AP)(IDS)# signature-asleap

(Instant AP)(IDS)# protect-ssid

(Instant AP)(IDS)# rogue-containment

(Instant AP)(IDS)# protect-adhoc-network

(Instant AP)(IDS)# protect-ap-impersonation

(Instant AP)(IDS)# protect-valid-sta

(Instant AP)(IDS)# protect-windows-bridge

(Instant AP)(IDS)# valid-ap-max-unseen-timeout <seconds>

For more information, refer Aruba Instant 8.7.0.x Command-Line Interface Reference Guide.

Configuring Ageout Time for Valid and Interfering APs

Instant APs monitor the RFRadio Frequency. RF refers to the electromagnetic wave frequencies within a range of 3 kHz to 300 GHz, including the frequencies used for communications or Radar signals. environment to identify neighboring APs operating in the environment. This information is stored in the network database and referenced for IDSIntrusion Detection System. IDS monitors a network or systems for malicious activity or policy violations and reports its findings to the management system deployed in the network. functions. To provide better control over the RFRadio Frequency. RF refers to the electromagnetic wave frequencies within a range of 3 kHz to 300 GHz, including the frequencies used for communications or Radar signals. environment, the ageout time for valid and interfering AP entries in the network database can be configured through the CLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.. When configured the entry of valid and interfering APs are removed from the network database if they are not seen in the RFRadio Frequency. RF refers to the electromagnetic wave frequencies within a range of 3 kHz to 300 GHz, including the frequencies used for communications or Radar signals. environment after the ageout time is elapsed.

These settings are available under the ids command. The default ageout time for valid APs is 7200 seconds and interfering APs is 600 seconds.

Following is the command syntax to configure ageout time for valid APs:

(Instant AP)(config)# ids

(Instant AP)(IDS)# valid-ap-max-unseen-timeout <seconds>

Following is the command syntax to configure ageout time for interfering APs:

(Instant AP)(config)# ids

(Instant AP)(IDS)# ap-max-unseen-timeout <seconds>

/*]]>*/