Blocking client connecting to an ssid Windows Bridging
Can Stellar in Enterprise mode, block valid clients connecting to an SSID created by Windows Bridging(hotspot software like connectify)? In my setup stellar was not able to classify it as rouge. Further I manually added the SSID as Rouge, still clients were able to connect to it.
The feature works but I have realized that takes at least 1 hour to detect and react against a simple attack like too many Authentication fails in a period of time that you can set on the WIPS Policy, during my tests the attack was detected and cancelled automatically but after almost 1 hour, I'm talking with the Dev Team about this huge delay which turns this feature non reliable to protect the network.
Hi, There is 2 conditions to the WIPS be able to cancel automatically a threat: First edit the Client and/or AP attack policy to the appropriate level and the attack you want to cancel be part of the attacks data base. Second you need to enable the “Dynamic Client Black List” So In this case please be sure that the AP WIPS policy includes enabled the Wireless Bridge attack and the Dynamic Client Blacklist is enabled and let us know