570
C
26: R
HAPTER
OGUE
D
C
ETECTION AND
OUNTERMEASURES
Figure 34 Rogue Detection Algorithm
MAP radio detects wireless packet.
Source MAC in
Ignore List?
No
Yes
Device is not a threat.
SSID in Permitted
SSID List?
Yes
OUI in Permitted
Vendor List?
Yes
Source MAC in
Attack List?
No
Rogue classification
algorithm deems the
device to be a rogue?
No
No
No
Generate an alarm.
Classify device as a rogue.
Issue countermeasures
(if enabled).
Yes
Yes