Hello, Can Stellar in Enterprise mode, block valid clients connecting to an SSID created by Windows Bridging(hotspot software like connectify)? In my setup stellar was not able to classify it as rouge. Further I manually added the SSID as Rouge, still clients were able to connect to it.
Hi, There is 2 conditions to the WIPS be able to cancel automatically a threat: First edit the Client and/or AP attack policy to the appropriate level and the attack you want to cancel be part of the attacks data base. Second you need to enable the “Dynamic Client Black List” So In this case please be sure that the AP WIPS policy includes enabled the Wireless Bridge attack and the Dynamic Client Blacklist is enabled and let us know
Attack Policy set to High and Dynamic Client Black List enabled while testing...Still the issue..
Did those tests with older code and I could not get it to work too.
OV running on 4.2.2 R01-81 AP on 3.0.0.63
I had some success with newer code (3.0.2.x): I put an AP1101 at home at test, and forgot to turn out the automatic enforcement. Result: I got kicked out from my home AP every now and then :)
The feature works but I have realized that takes at least 1 hour to detect and react against a simple attack like too many Authentication fails in a period of time that you can set on the WIPS Policy, during my tests the attack was detected and cancelled automatically but after almost 1 hour, I'm talking with the Dev Team about this huge delay which turns this feature non reliable to protect the network.