Installation guide

ManualsBrandsMotorola ManualsComputer equipmentRFS7000 Series

291

292

293

294

295

296

297

298

299

300

Switch Security

6-13

3. Select a detected MU and click the Delete button to remove it from the list of MUs you are tracking

as potential threats within the switch managed network.

4. Click on the Export button to export the contents of the table to a Comma Separated Values file

(CSV).

Violation Type Displays the reason the violation occurred for each detected MU.

Use the Violation Type to discern whether the detected MU is truly

a threat on the switch managed network (and must be removed) or

can be interpreted as a non threat. The following violation types

are possible:

• Excessive Probes

• Excessive Association

• Excessive Disassociation

• Excessive Authentication failure

• Excessive Crypto replays

• Excessive 802.11 replays

• Excessive Decryption failures

• Excessive Unassociated Frames

• Excessive EAP Start Frames

• Null destination

• Same source/destination MAC

• Source multicast MAC

• Weak WEP IV

• TKIP Countermeasures

• Invalid Frame Length

• Excessive EAP-NAKS

• Invalid 802.1x frames

• Invalid Frame Type

• Beacon with broadcast ESSID

• Frames with known bad ESSIDs

• Unencrypted traffic

• Frames with non-changing WEP IV

NOTE: The following violation types require the access port be in

scan mode:

• Beacon with broadcast ESSID

• Frames with known bad ESSIDs

Time Remaining Displays the time remaining before the next filter activity. Detected

MUs are removed from the filtered list when they no longer violate

the thresholds defined within the Configuration tab.