Cisco Cisco 5520 Wireless Controller デザインガイド
1-2
Book Title
OL-xxxxx-xx
Chapter 1 Cisco Adaptive wIPS Management Deployment Guide, Release 8.0
Cisco wIPS Solution Overview
regarding rogue wireless devices is reported to PI where rogue alarm aggregation takes place. However,
with this functionality comes the caveat that if a containment attack is launched using a wIPS mode
access point, its ability to perform methodical attack-focused channel scanning is interrupted for the
duration of the containment.
with this functionality comes the caveat that if a containment attack is launched using a wIPS mode
access point, its ability to perform methodical attack-focused channel scanning is interrupted for the
duration of the containment.
Over-the-Air Attacks
Cisco Adaptive Wireless IPS embeds complete wireless threat detection and mitigation into the wireless
network infrastructure to deliver the industry’s most comprehensive, accurate and operationally
cost-effective wireless security solution. Below are the Over-the-Air attacks that are detected by the
Cisco Adaptive wIPS solution.
network infrastructure to deliver the industry’s most comprehensive, accurate and operationally
cost-effective wireless security solution. Below are the Over-the-Air attacks that are detected by the
Cisco Adaptive wIPS solution.
Feature
BaseWIPS
(WLC)
(WLC)
Adaptive WIPS
(WLC and MSE)
(WLC and MSE)
Adaptive WIPS
(WLC, MSE,
and CleanAir
Access Points)
(WLC, MSE,
and CleanAir
Access Points)
Rogue access point and ad hoc
rogue detection, classification,
location tracking, and
containment
rogue detection, classification,
location tracking, and
containment
Yes
Yes
Yes
Rogue access point switch port
tracing and disabling
tracing and disabling
Yes
Yes
Yes
Management frame
impersonation detection
impersonation detection
Yes
Yes
Yes
Rogue containment when WAN
is down
is down
Yes
Yes
Yes
Internal and external rogue
access point detection and
containment times
access point detection and
containment times
Yes
Yes
Yes
Feature
BaseWIPS
(WLC)
(WLC)
Adaptive WIPS
(WLC and MSE)
(WLC and MSE)
Adaptive WIPS
(WLC, MSE,
and CleanAir
Access Points)
(WLC, MSE,
and CleanAir
Access Points)
Smartphone tethering detection
and containment
and containment
Yes
Yes
Yes
Location tracking and
containment for DoS attacker
and non-authorized device that is
trying to associate internal
access point
containment for DoS attacker
and non-authorized device that is
trying to associate internal
access point
Yes
Yes
Yes
Wired Equivalent Privacy (WEP)
cracking detection
cracking detection
Yes
Yes
Yes
MAC spoofing rogue's detection
and containment
and containment
Yes
Yes
Yes
Auto MAC learning
Yes
Yes
Yes