Wireless IDS
FortiGate wireless IDS monitors wireless traffic for a wide range of security threats by detecting and reporting on possible intrusion attempts. When an attack is detected, the FortiGate unit records a log message.
You can create a WIDS profile to enable the following types of intrusion detection among others:
• Unauthorized Device Detection
• Rogue/Interfering AP Detection
• Adhoc Network Detection and Containment
• Wireless Bridge Detection
• Misconfigured AP Detection
• Weak WEP Detection
• Multi Tenancy Protection
• MAC OUI Checking
You can enable wireless IDS by going to WiFi Controller > WiFi Network > Custom AP Profiles and editing an access point profile or creating a new one.
Inside the profile, set WIDS Profile to the name of a wireless IDS profile to apply wireless IDS protection to the access points that uses the profile. FortiGate units include a default wireless IDS profile. You can customize this profile or create additional profiles by going to WiFi Controller > WiFi Network > WIDS Profiles.
You can also use the config wireless-controller wids-profile command to configure Wireless Intrusion Detection (WIDS) profiles.