05-Web configuration examples (AC+fit AP)

HomeSupportDoc SetsDoc PackagesH3C Wireless Products All-in-One-6W10005-Web configuration examples (AC+fit AP)
Table of Contents
Related Documents
43-Malformed Packet Detection and Flood Attack Detection Configuration Example

 

H3C Access Controllers

Comware 7 Malformed Packet Detection and Flood Attack Detection

Configuration Example

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Copyright © 2022 New H3C Technologies Co., Ltd. All rights reserved.

No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of New H3C Technologies Co., Ltd.

Except for the trademarks of New H3C Technologies Co., Ltd., any trademarks that may be mentioned in this document are the property of their respective owners.

The information in this document is subject to change without notice.



Overview

The following information provides an example for configuring malformed packet detection and flood attack detection.

Prerequisites

The following information applies to Comware 7-based access controllers. Procedures and information in the examples might be slightly different depending on the software or hardware version of the H3C access controllers.

The configuration examples were created and verified in a lab environment, and all the devices were started with the factory default configuration. When you are working on a live network, make sure you understand the potential impact of every command on your network.

The following information is provided based on the assumption that you have basic knowledge of WIPS and WLAN access.

Example: Configuring malformed packet detection and flood attack detection

Network configuration

As shown in Figure 1, configure the two APs that connect to the AC through the switch as sensors. Add Sensor 1 and Sensor 2 to VSD VSD_1. Configure malformed packet detection and flood attack detection to enable WIPS to trigger an alarm when it detects beacon flood attacks or malformed packets with duplicated IE.

Figure 1 Network diagram

 

Procedures

Configuring basic features on the AC

Configure wireless service, IP address, AP access, and radio settings. (Details not shown.)

Configuring an attack detection policy

1.     Click the Network View tab at the bottom of the page.

2.     From the navigation pane, select Wireless Configuration > Wireless Security.

3.     Click the Add button  to add an attack detection policy.

a.     Enter dtc1 in the Policy name field.

b.     Select Beacon from the Flood attack detection list, and then configure the interval, threshold, and quiet time.

c.     Select Duplicated IE from the Malformed packet detection list, and then configure the quiet time.

d.     Click Apply.

Figure 2 Adding an attack detection policy

 

Configuring a VSD

1.     Click the Network View tab at the bottom of the page.

2.     From the navigation pane, select Wireless Configuration > Wireless Security.

3.     Click the Add button  to add a VSD.

a.     Enter VSD_1 in the VSD name field.

b.     Select dtc1 from the Detection policy list.

c.     Click Apply.

Figure 3 Adding a VSD

 

Enabling WIPS

1.     Click the Network View tab at the bottom of the page.

2.     From the navigation pane, select Wireless Configuration > Wireless Security.

3.     Click the More button  to enable WIPS.

a.     On the page that opens, select sensor1 and click the Edit button  to edit Sensor 1.

b.     On the page that opens, select a radio band from the Radio list and select VSD VSD_1 from the VSD name list.

c.     On the page that opens, select sensor2 and click the Edit button  to edit Sensor 2.

d.     On the page that opens, select a radio band from the Radio list and select VSD VSD_1 from the VSD name list.

e.     Click Apply.

Figure 4 Enabling WIPS

 

Verifying the configuration

1.     Click the Network View tab at the bottom of the page.

2.     From the navigation pane, select Monitoring > Network Security, and view the relevant information shown in the Attack statistics area.

Related documentation

H3C Access Controllers Web-Based Configuration Guide

  • Cloud & AI
  • InterConnect
  • Intelligent Computing
  • Security
  • SMB Products
  • Intelligent Terminal Products
  • Product Support Services
  • Technical Service Solutions
All Services
  • Resource Center
  • Policy
  • Online Help
All Support
  • Become a Partner
  • Partner Resources
  • Partner Business Management
All Partners
  • Profile
  • News & Events
  • Online Exhibition Center
  • Contact Us
All About Us
新华三官网