Cisco Cisco 5520 Wireless Controller デザインガイド

Cisco

1-52

Book Title

OL-xxxxx-xx

Chapter 1 Cisco Adaptive wIPS Management Deployment Guide, Release 8.0

WIPS monitoring on 2800, 3800 and 1560 AP

Supported Alarms

ELM with FRA

Requires license; detects 60+
signatures

Better/ best effort

Monitor Mode

Requires license; detects 100+
signatures

Best in class

Alarm ID

Alarm Name

0

AP With encryption disabled

1

Client with encryption disabled

2

WEP IV key reused

7

Device using open authentication

8

Device probing for APs

9

AP association capacity full

10

DoS: Authentication-failure attack

34

Excessive multicast/broadcast on channel

35

Spoofed MAC address detected

37

DoS: Association table overflow

38

Crackable WEP IV key used

40

Device unprotected by VPN

41

Device unprotected by 802.1x

49

AP overloaded by stations

52

DoS: Authentication flood

53

DoS: EAPOL-Logoff attack

54

DoS: EAPOL-Start attack

56

DoS: Premature EAP-Success

57

DoS: Premature EAP-Failure

58

DoS: De-Auth broadcast flood

59

DoS: De-Auth flood

60

DoS: Dis-Assoc broadcast flood

61

DoS: Dis-Assoc flood

62

DoS: RF jamming

63

Dictionary attack on EAP methods

64

Man in the middle attack

65

Device using shared key authentication

72

Device unprotected by PEAP

79

DoS: Unauthenticated association

80

DoS: Association flood