Wireless Access

 View Only
  • 1.  WIDS overlay design methodology

    Posted Nov 29, 2024 11:05 AM

    hello Aruba Team, 

    I am designing an Aruba WIDS overlay network. does anyone know the preferred design criteria for an overlay network? -72 , -75, -80 dBm. 



  • 2.  RE: WIDS overlay design methodology

    Posted Dec 02, 2024 08:59 AM
    Edited by Herman Robers Dec 02, 2024 02:12 PM

    For WIDS, this guide EDIT: this guide is better maintained and more recent  has some good content. For the design criteria, as the WIDS APs (Air monitors) don't broadcast, you can't really put a number to it. The guide suggests to put the AMs in a 1:4 ratio, but in the end it depends on what you want to detect and possibly protect against. If you design for reception of clients at -80 dBm, there is a good chance that an attack performed by a malicious client has a too high data rate (MCS) and can't be decoded by the AM, thus invisible. For rogue detection, this probably isn't a big issue as beacons typically go out on a low data rate because clients would otherwise not be able to hear those beacons. Also, if security is most important and you would like to minimize the chance to miss attacks, you would deploy higher density of Air monitors than if basic detection of clear attacks is enough.

    It really depends on the requirements that you have on the overlay WIDS network.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------



  • 3.  RE: WIDS overlay design methodology

    Posted Dec 02, 2024 10:18 AM

    Also: https://www.arubanetworks.com/techdocs/aos/wifi-design-deploy/security/wids-wips/



    ------------------------------
    Carson Hulcher, ACEX#110
    ------------------------------



  • 4.  RE: WIDS overlay design methodology

    Posted Dec 02, 2024 06:17 PM
    Thank you all, 

    I think we are going to use a -75 dbm from a design perspective.  It pretty close the suggested ratio in the design guide and allows for triangulation of malicious clients. 

    Phillip Samuel 
    Program Manager, GuROO, LLC 
    Cell 240-435-3511 
    2850 Eisenhower Ave, Suite 220 
    Alexandria, VA 22314 
    SBA 8(a) Certified company 
    ISO 9001:2015 Certified company 
    ISO 27001:2013 Certified company 
    ISO 20000-1:2018 Certified company