Summary of rogue detection features – 3Com WX4400 3CRWX440095A User Manual

Summary of Rogue Detection Features

573

Summary of Rogue
Detection Features

Table 48 lists the rogue detection features in MSS.

Table 48 Rogue Detection Features

Rogue
Detection
Feature

Description

Applies To

Third-Party
APs

Clients

Classification

MSS can classify third-party APs as
rogues or interfering devices. A
rogue is a third-party AP whose
MAC address MSS knows from the
wired side of the network. An
interfering device does not have a
MAC address known on the wired
side.

MSS can detect rogue clients, locate
their APs, and issue countermeasures
against the APs.

Yes

Yes

Permitted
vendor list

List of OUIs to allow on the network.
An OUI is the first three octets of a
MAC address and uniquely identifies
an AP’s or client’s vendor.

Yes

No

Permitted SSID
list

List of SSIDs allowed on the network.
MSS can issue countermeasures
against third-party APs sending
traffic for an SSID that is not on the
list.

Yes

Yes

Client black list

List of client or AP MAC addresses
that are not allowed on the wireless
network. MSS drops all packets from
these clients or APs.

Yes

Yes

Attack list

List of AP MAC addresses to attack.
MSS can issue countermeasures
against these APs whenever they are
detected on the network.

Yes

No

Ignore list

List of MAC addresses to ignore
during RF detection. MSS does not
classify devices on this list as rogues
or interfering devices, and does not
issue countermeasures against them.

Yes

Yes