< Home

WIDS Profile

Overview

WIDS profiles provide mechanisms to protect WLAN networks. WIDS profiles are bound to AP groups or APs so that they can take effect.

A WIDS profile supports the following functions:

  • WIDS device detection and containment

    • APs detect Wi-Fi devices within their coverage range and determine whether they are authorized.

    • You can configure a WIDS spoof SSID profile and a WIDS whitelist profile to identify spoofing SSIDs and add the trusted devices to the whitelist. After configuring these profiles, you bind them to the WIDS profile.

    • Containment is performed on the detected rogue or interference device so that rogue or interference STAs cannot access the network or authorized STAs will not access rogue or interference APs.

  • WIDS attack detection and dynamic blacklist

    • APs detect Wi-Fi devices on a network that launch attacks, including flood attacks, weak IV attacks, spoofing attacks, and Brute force PSK cracking attacks.

    • After the dynamic blacklist function is enabled, attacking devices are added to the dynamic blacklist and packets from these devices are discarded.

CLI-based Procedure

For details, see Configuring Device Detection and Containment and Configuring Attack Detection and a Dynamic Blacklist.

Parent Topic: WLAN Service Configuration Procedure
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >