WIPS-POLICY 22 - 7
Example
rfs7000-37FABE(config-wips-policy-test)#event enable-all-events
rfs7000-37FABE(config-wips-policy-test)#
rfs7000-37FABE(config-wips-policy-test)#event excessive 80211-replay-check-failure
filter-ageout 9 threshold-client 8 threshold-radio 99
rfs7000-37FABE(config-wips-policy-test)#
rfs7000-37FABE(config-wips-policy-test)#event client-anomaly wellenreiter filter-
ageout 99
rfs7000-37FABE(config-wips-policy-test)#
enable-all-events Enables all events
excessive
[80211-replay-
check-failure| aggressive-
scanning|auth-server-failures|
decryption-failures|dos-assoc-
or-auth-flood|dos-eapol-start-
storm|dos-unicast-deauth-or-
disassoc|eap-flood|eap-nak-
flood |frames-from-unassoc-
station] {filter-ageout <0-
86400>|threshold-mu <0-
65535>|threshold-radio <0-
65535>
Configures excessive type events
• 80211-replay-check-failure – 802.11replay check failure
• aggressive-scanning – Aggressive scanning
• auth-server-failures – Failures reported by authentication servers
• decryption-failures – Decryption failures
• dos-assoc-or-auth-flood – DoS association or authentication flood
• dos-eapol-start-storm – DoS EAPOL-start storm
• dos-unicast-deauth-or-disassoc – DoS association or authentication
flood
• eap-flood – EAP flood
• eap-nak-flood – EAP-NAK flood
• frames-from-unassoc-station – Frames from unassociated stations
The following parameters are common for all the above:
• {filter-ageout <0-86400>} – Configures filter-ageout
• <0-86400> – Configures filter-ageout values between 0 and
86400 seconds
• threshold-client <0-65535> – Configures threshold-client
• <0-65535> – Configures wireless client threshold limit for 60
seconds
• threshold-radio <0-65535> – Configures Radio threshold
configuration
• <0-65535> – Radio threshold limit for 60 seconds
Comments to this Manuals