CLI Reference Guide
Rogue Detection Requirements 421
Countermeasures You can enable MSS to use countermeasures against rogues.
Countermeasures consist of packets that interfere with a client’s ability to
use the rogue.
Countermeasures are disabled by default. When you enable them, all
devices of interest that are not in the known devices list become viable
targets for countermeasures. The Mobility Domain’s seed WX switch
automatically selects individual radios to send the countermeasure
packets.
You can issue countermeasures against specific devices. In this case, MSS
attacks only those devices.
Rogue Detection
Requirements
Rogue detection in 3WXM has the following requirements.
The Enable Rogue Detection option must be selected on the
Monitoring Settings tab of the 3WXM Services Setup wizard. (See
“Changing Monitoring Settings” on page 489.)
SNMP notifications must be enabled on the WX switches. Table 58
lists the notification types related to RF detection. The notification
types for Intrusion Detection System (IDS) and Denial of Service (DoS)
protection are also listed. (To enable notifications on a switch, see
“Configuring SNMP” on page 208.)
Table 58 SNMP Notifications for RF Detection
Notification Type Description
Rogue detection notifications
RogueDetect Indicates that MSS has detected a rogue AP.
RFDetectRougeDisappear Indicates that MSS is no longer detecting a
previously detected rogue AP.
RFDetectInterferingRogueAP Indicates that MSS has detected an interfering
device.
RFDetectInterferingRogueDisappear Indicates that MSS is no longer detecting a
previously detected interfering device.
RFDetectAdHocUser Indicates that MSS has detected an ad-hoc
user.
RFDetectUnAuthorizedSSID Indicates that MSS has detected an SSID that
is not on the permitted SSID list.