1-15
Cisco Wireless LAN Controller Configuration Guide
OL-8335-02
Chapter 1 Overview
Intrusion Detection Service (IDS)
•
Allows changes to Cisco 1000 series lightweight access point sensitivity for pico cells.
•
Allows control of Cisco 1000 series lightweight access point fallback behavior to optimize pico cell
use.
•
Supports heat maps for directional antennas.
•
Allows specific control over blacklisting events
•
Allows configuring and viewing basic LWAPP configuration using the Cisco 1000 series lightweight
access point CLI.
Intrusion Detection Service (IDS)
Intrusion Detection Service includes the following:
•
Sensing Clients probing for “ANY” SSID
•
Sensing if Cisco 1000 series lightweight access points are being contained
•
Notification of MiM Attacks, NetStumbler, Wellenreiter
•
Management Frame Detection and RF Jamming Detection
•
Spoofed Deauthentication Detection (AirJack, for example)
•
Broadcast Deauthorization Detection
•
Null Probe Response Detection
•
Fake AP Detection
•
Detection of Weak WEP Encryption
•
MAC Spoofing Detection
•
AP Impersonation Detection
•
Honeypot AP Detection
•
Valid Station Protection
•
Misconfigured AP Protection
•
Rogue Access Point Detection
•
AD-HOC Detection and Protection
•
Wireless Bridge Detection
•
Asleep Detection / Protection
Wireless LAN Controller Platforms
Cisco controllers are enterprise-class high-performance wireless switching platforms that support
802.11a and 802.11b/802.11g protocols. They operate under control of the operating system, which
includes the Radio Resource Management (RRM), creating a Cisco WLAN Solution that can
automatically adjust to real-time changes in the 802.11 RF environment. The controllers are built around
high-performance network and security hardware, resulting in highly-reliable 802.11 enterprise
networks with unparalleled security.