Cisco Cisco 5508 Wireless Controller Designanleitung
1-36
Book Title
OL-xxxxx-xx
Chapter 1 Cisco Adaptive wIPS Management Deployment Guide, Release 8.0
Cisco Adaptive wIPS Introduction
To edit a policy rule, check the box next to the rule and click Edit.
The policy rule window allows the severity of the alarm to be modified in addition to a number of
other parameters. The notification item is a check box which defines whether forensic (packet
captures) are taken for this particular alarm. There is also a specific threshold for this alarm, which
in this case is defined as the number of active associations but this is different for every alarm. Next,
the type parameter defines what WLAN infrastructure the system will monitor attacks against. By
default this is configured to Device Group and Internal which specifies all APs in the same ‘RF
Group’ name as the wIPS APs. Changing the type to SSID allows the system to monitor a separate
network, which is typical of an overlay deployment and this configuration is discussed below.
other parameters. The notification item is a check box which defines whether forensic (packet
captures) are taken for this particular alarm. There is also a specific threshold for this alarm, which
in this case is defined as the number of active associations but this is different for every alarm. Next,
the type parameter defines what WLAN infrastructure the system will monitor attacks against. By
default this is configured to Device Group and Internal which specifies all APs in the same ‘RF
Group’ name as the wIPS APs. Changing the type to SSID allows the system to monitor a separate
network, which is typical of an overlay deployment and this configuration is discussed below.
Step 8
Add Policy Rules (Optional):
Editing a policy rule would typically only be needed in an overlay deployment where the system is
to be configured to monitor another WLAN infrastructure by SSID.
to be configured to monitor another WLAN infrastructure by SSID.