Manual Part 2
Wireless Array
Configuring the Wireless Array 261
High Density 2.4G Enhancement—Honeypot SSID
Some situations pose problems for all wireless APs. For example, iPhones will
remember every SSID and flood the airwaves with probes, even when the user
doesn’t request or desire this behavior. In very high density deployments, these
probes can consume a significant amount of the available wireless bandwidth.
The Array “honeypot” SSID targets this problem. Simply create an SSID named
honeypot (lower-case) on the Array, with no encryption or authentication (select
None/Open). Once this SSID is created and enabled, it will respond to any station
probe looking for a named open SSID (unencrypted and unauthenticated) that is
not configured on the Array. It will make the station go through its natural
authentication and association process. See “Honeypots” on page 278.
The following SSIDs are excluded from being honeypotted:
Explicitly whitelisted SSIDs. See “Honeypots” on page 278.
SSIDs that are encrypted and/or authenticated.
SSIDs that are configured on this Array, whether or not they are enabled.
Traffic for a station connected to the honeypot SSID may be handled in various
ways using other Array features:
Traffic may be directed to WPR (captive portal) to display a splash page
or offer the user the opportunity to sign in to your service (see “Web Page
Redirect (Captive Portal) Configuration” on page 269);
Traffic may be filtered (see “Filters” on page 365);
or it may be dead-ended by defining a specific dead-end VLAN on the
honeypot SSID to “trap” stations (see “VLANs” on page 204).
Use the honeypot feature carefully as it could interfere with legitimate SSIDs and
prevent clients from associating to another available network. You may define a
whitelist of allowed SSIDs which are not to be honeypotted. See “Honeypots” on
page 278. Th Honey pots page also allows you to change the SSID name that is
broadcast for the honeypot SSID.