Is there a problem with the MAC authentication server constantly flashing authentication failure logs?

Local forwarding centralized authentication, authentication server is a third-party device, and the server keeps flashing a terminal authentication failure log.

1) This terminal did not create an authentication table entry on the server, which means that in principle, it will not be allowed to connect to the wireless network, and authentication failure is normal. However, a terminal sent 17 authentication requests within 1 second, which is not normal. It is suspected that it was caused by an abnormal attack by a terminal. If it is an abnormal attack terminal, then add the MAC of this terminal to the blacklist. The wlan static blacklist mac address command is used to add static blacklist entries.

2) Returning to the device itself, if the terminal frequently sends authentication requests, can we not control the frequently authenticated terminal on the device side?

The device side can set a silent time. If the terminal authentication fails and enters the silent period, when the MAC triggers authentication, the device side will directly refuse and will not initiate authentication to the server. Client security intrusion protection enable; Client security intrusion protection action temporary block;

Client security intrusion protection timer temporary block time.

1)      Enable intrusion detection mode on the device and set a silent time to temporarily prevent illegal users from going online.

2)      Add frequently authenticated Macs to the blacklist.