Manualshelf

User's Manual

ManualsBrandsRiverbed Technology ManualsElectronics802.11ac 2x2 AP
21222324252627282930
Wireless Array
252 Configuring the Wireless Array
High Density 2.4G Enhancement—Honeypot SSID
Some situations pose problems for all wireless APs. For example, iPhones will
re
member every SSID and flood the airwaves with probes, even when the user
doesn’t request or desire this behavior. In very high density deployments, these
probes can consume a significant amount of the available wireless bandwidth.
The Array offers a feature targeting this problem—a “honeypot” SSID. Simply
create an SSID named honeypot (lower-case) on the Array, with no encryption or
authentication (select None/Open). Once this SSID is created and enabled, it will
respond to any station probe looking for a named open SSID (unencrypted and
unauthenticated) that is not configured on the Array. It will make the station go
through its natural authentication and association process.
The following SSIDs are excluded from being honeypotted:
Explicitly whitelisted SSIDs. See Step 23 on page 259.
SSIDs that are encrypted and/or authenticated.
SSIDs that are configured on this Array, whether or not they are enabled.
Traffic for a station connected to the honeypot SSID may be handled in various
ways using other Array features:
it may be directed to WPR to display a splash page or offer the user the
opportunity to sign in to your service (see “Web Page Redirect
Configuration Settings” on page 260);
it may be filtered (see “Filters” on page 351);
or it may be dead-ended by defining a specific dead-end VLAN on the
honeypot SSID to “trap” stations (see “VLANs” on page 199).
Use the honeypot feature carefully as it could interfere with legitimate SSIDs and
prevent clients from associating to another available network. You may define a
whitelist of allowed SSIDs which are not to be honeypotted. See Step 23 on
page 259.