1-15
Cisco Wireless LAN Controller Configuration Guide
OL-8335-02
Chapter 1 Overview
Intrusion Detection Service (IDS)
• Allows changes to Cisco 1000 series lightweight access point sensitivity for pico cells.
• Allows control of Cisco 1000 series lightweight access point fallback behavior to optimize pico cell
use.
• Supports heat maps for directional antennas.
• Allows specific control over blacklisting events
• Allows configuring and viewing basic LWAPP configuration using the Cisco 1000 series lightweight
access point CLI.
Intrusion Detection Service (IDS)
Intrusion Detection Service includes the following:
• Sensing Clients probing for “ANY” SSID
• Sensing if Cisco 1000 series lightweight access points are being contained
• Notification of MiM Attacks, NetStumbler, Wellenreiter
• Management Frame Detection and RF Jamming Detection
• Spoofed Deauthentication Detection (AirJack, for example)
• Broadcast Deauthorization Detection
• Null Probe Response Detection
• Fake AP Detection
• Detection of Weak WEP Encryption
• MAC Spoofing Detection
• AP Impersonation Detection
• Honeypot AP Detection
• Valid Station Protection
• Misconfigured AP Protection
• Rogue Access Point Detection
• AD-HOC Detection and Protection
• Wireless Bridge Detection
• Asleep Detection / Protection
Wireless LAN Controller Platforms
Cisco controllers are enterprise-class high-performance wireless switching platforms that support
802.11a and 802.11b/802.11g protocols. They operate under control of the operating system, which
includes the Radio Resource Management (RRM), creating a Cisco WLAN Solution that can
automatically adjust to real-time changes in the 802.11 RF environment. The controllers are built around
high-performance network and security hardware, resulting in highly-reliable 802.11 enterprise
networks with unparalleled security.