Using The Cli To Configure Aaa Override; Configuring Ids; Configuring Ids Sensors; Using The Gui To Configure Ids Sensors - Cisco SD2008T-NA Configuration Manual

Configuring IDS

Click Apply to commit your changes.
Step 4
Click Save Configuration to save your changes.
Step 5

Using the CLI to Configure AAA Override

To enable AAA override using the controller CLI, enter this command:
config wlan aaa-override enable wlan-id
For wlan-id, enter an ID from 1 to 16.
Configuring IDS
The Cisco intrusion detection system/intrusion prevention system (CIDS/IPS) instructs controllers to
block certain clients from accessing the wireless network when attacks involving these clients are
detected at Layer 3 through Layer 7. This system offers significant network protection by helping to
detect, classify, and stop threats including worms, spyware/adware, network viruses, and application
abuse. Two methods are available to detect IDS attacks:
•
•

Configuring IDS Sensors

You can configure IDS sensors to detect various types of IP-level attacks in your network. When the
sensors identify an attack, they can alert the controller to shun the offending client. When you add a new
IDS sensor, you register the controller with that IDS sensor so that the controller can query the sensor
to get the list of shunned clients. You can configure IDS sensor registration through either the GUI or
the CLI.

Using the GUI to Configure IDS Sensors

Follow these steps to configure IDS sensors using the controller GUI.
Step 1 Click Security and then Sensors under CIDS. The CIDS Sensors List page appears (see
Cisco Wireless LAN Controller Configuration Guide
5-26
IDS sensors, see below
IDS signatures, see page 5-30
Chapter 5 Configuring Security Solutions
Figure
OL-9141-03
5-10).