Cisco Cisco Wireless LAN Controller Module Leaflet
Wireless LAN Controller and IPS Integration Guide
Document ID: 71231
Contents
Introduction
Prerequisites
Requirements
Components Used
Conventions
Cisco IDS Overview
Cisco IDS and WLC Integration Overview
IDS Shunning
Network Architecture Design
Configure the Cisco IDS Sensor
Configure the WLC
Cisco IDS Sensor Sample Configuration
Configure an ASA for IDS
Configure the AIP-SSM for Traffic Inspection
Configure a WLC to Poll the AIP-SSM for Client Blocks
Add a Blocking Signature to the AIP-SSM
Monitor Blocking and Events with IDM
Monitor Client Exclusion in a Wireless Controller
Monitor Events in WCS
Cisco ASA Sample Configuration
Cisco Intrusion Prevention System Sensor Sample Configuration
Verify
Troubleshoot
Related Information
Introduction
The Cisco Unified Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) is part of the Cisco
Self-Defending Network and is the first integrated wired and wireless security solution in the industry. The
Cisco Unified IDS/IPS takes a comprehensive approach to security: at the wireless edge, wired edge, WAN
edge, and through the data center. When an associated client sends malicious traffic through the Cisco Unified
Wireless Network, a Cisco wired IDS device detects the attack and sends shun requests to Cisco Wireless
LAN Controllers (WLCs), which then disassociate the client device.
The Cisco IPS is an inline, network-based solution, designed to accurately identify, classify, and stop
malicious traffic, including worms, spyware/adware, network viruses, and application abuse, before they
affect business continuity.
With Cisco IPS Sensor software version 5, the Cisco IPS solution combines inline prevention
services with innovative technologies to improve accuracy. The result is total confidence in the
protection that your IPS solution provides, without the fear of legitimate traffic being dropped. The Cisco IPS
solution also offers comprehensive protection of your network through its unique ability to collaborate with
other network security resources, and it provides a proactive approach to the protection of your network.
The Cisco IPS solution helps users stop more threats with greater confidence through the use of these features: