Specifications

ManualsBrandsEnterasys ManualsComputer equipmentRoamAbout RBT-8100

451

452

453

454

455

456

457

458

459

460

Summary of Rogue Detection Features

RoamAbout Mobility System Software Configuration Guide 22-5

Countermeasures

YoucanenableMSStousecountermeasuresagainstrogues.Countermeasuresconsistofpackets

thatinterferewithaclient’sabilitytousetherogue.

Countermeasuresaredisabledbydefault.Youcanenablethemonanindividualradio‐profile

basis.Whenyouenablethem,alldevicesofinterestthatarenotinthe

knowndeviceslistbecome

viabletargetsforcountermeasures.TheMobilityDomain’sseedswitchautomaticallyselects

individualradiostosendthecountermeasurepackets.

Mobility Domain Requirement

RFDetectionrequirestheMobilityDomaintobecompletelyup.IfaMobilityDomainisnotfully

operational(notallmembersareup),nonewRFDetectiondataisprocessed.ExistingRF

Detectioninformationagesoutnormally.ProcessingofRFDetectiondataisresumedonlywhen

allmembersoftheMobility

Domainareup.IfaseedswitchintheMobilityDomaincannot

resumefulloperation,youcanrestoretheMobilityDomaintofulloperation,andtherefore

resumeRFDetectiondataprocessing,byremovingtheinoperativeswitchfromthememberliston

theseed.

Summary of Rogue Detection Features

Table 22‐1liststheroguedetectionfeaturesinMSS.

Table 22-1 Rogue Detection Features

Rogue Detection Feature Description

Applies To

Third-Party APs Clients

Classification MSS can classify third-party APs as rogues or

interfering devices. A rogue is a third-party AP

whose MAC address MSS knows from the

wired side of the network. An interfering device

does not have a MAC address known to the

wired side.

MSS can detect rogue clients, locate their APs,

and issue countermeasures against the APs.

Yes Yes

Permitted vendor list List of OUIs to allow on the network. An OUI is

the first three octets of a MAC address and

uniquely identifies an AP’s or client’s vendor.

Yes No

Permitted SSID list List of SSIDs allowed on the network. MSS can

issue countermeasures against third-party APs

sending traffic for an SSID that is not on the list.

Yes Yes

Client black list List of client MAC addresses that are not

allowed on the wireless network. MSS drops all

packets from these clients.

No Yes

Attack list List of AP MAC addresses to attack. MSS can

issue countermeasures against these APs

whenever they are detected on the network.

Yes No