Configuring Ids Signatures - Cisco 2100 Series Configuration Manual

Chapter 5 Configuring Security Solutions
Using the CLI to View Shunned Clients
Follow these steps to view the list of clients that the IDS sensors have identified to be shunned using the
controller CLI.
Step 1 To view the list of clients to be shunned, enter this command:
show wps shun-list
To force the controller to sync up with other controllers in the mobility group for the shun list, enter this
Step 2
command:
config wps shun-list re-sync

Configuring IDS Signatures

You can configure IDS signatures, or bit-pattern matching rules used to identify various types of attacks
in incoming 802.11 packets, on the controller. When the signatures are enabled, the access points joined
to the controller perform signature analysis on the received 802.11 data or management frames and
report any discrepancies to the controller. If an attack is detected, appropriate mitigation is initiated.
Cisco supports 17 standard signatures on the controller as shown on the Standard Signatures page (see
Figure
Figure 5-56
OL-17037-01
5-56).
Standard Signatures Page
Cisco Wireless LAN Controller Configuration Guide
Configuring IDS
5-107