Security

Reply
fm
Occasional Contributor II
Posts: 30
Registered: ‎07-10-2014

IDS on IAPs

Hello,

 

I would like to implement some containment regarding some rogue access points (3G and 4G devices).

 

It's not very clear to me how does this work on IAP.

 

Does it only work with Monitor mode IAPs?

 

What would be your recommended settings?

 

Thank you!

Aruba
Posts: 1,368
Registered: ‎12-12-2011

Re: IDS on IAPs

Please review the user guide for IDS. There is no requirement to have a dedicated Air Monitor to perform containment and there are also wired containment options available as well. 

 

Note that if you have Aruba or HPE Aruba switches, you can automatically have the IAP inform the upstream switch that there is a rogue and the switch itself will admin down the port.

Seth R. Fiermonti
Consulting Systems Engineer - ACCX, ACDX, ACMX
Email: seth@hpe.com
-----
If you found my post helpful, please give kudos
fm
Occasional Contributor II
Posts: 30
Registered: ‎07-10-2014

Re: IDS on IAPs

Thank you!

 

I was testing some settings...

 

Right now I have set to High in terms of detection and also protection but I can't see actual difference.

 

I setup a rogue 4G Wifi Hotspot right next to an IAP 205 but the clients seems to be able to connect to it and have proper network access...

 

I set the wireless containment to "Tarpit all stations"

Guru Elite
Posts: 20,424
Registered: ‎03-29-2007

Re: IDS on IAPs

I would leave it to the defaults.  High has unintended consequnces and can deny legitimate traffic.



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: