I understand that the protect valid station feature prevents valid clients from connecting to rogue APs.
So I ran a test, but it failed to block the connection to the rogue AP.
As shown in the picture above, a user classified as valid is connected to the rogue AP.
Only protect valid station and Detect Valid Client Misassociation were enabled.
And not all SSIDs are associated with the Aruba controller on which the IDS is running.
If anyone knows about that feature, please let me know