Extreme Networks Summit WM Technical Reference Manual page 30

Version 5.1

Hide thumbs Also See for Summit WM:

Installation instructions (1 page)

Getting started manual (126 pages)

Maintenance manual (130 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

page of 222

/ 222
Contents
Table of Contents
Bookmarks

Table of Contents

Rogue Access Point Detection

A client configured in ad-hoc mode has been identified

6 Inactive Wireless AP with known SSID – Major Alarm

A "known" Wireless AP has been detected that the Summit WM Controller has identified as not in

service (stolen?)

Inactive Wireless AP with unknown SSID – Major Alarm

A "known" Wireless AP with an unknown SSID has been detected that the Summit WM Controller

has identified as not in service (stolen?)

8 Known AP with Valid SSID Suppress Conflict – Critical Alarm

A "known" Wireless AP with a valid SSID has been detected, however the configured AP is not

broadcasting the SSID value (suppressed). Instead, the rogue device is broadcasting the SSID.

With each event, the following information will be reported:

Scanning Wireless AP Name & Scan Group

●

Detection Date and Time

●

Rogue SSID and Channel

●

Signal Strength (RSSI)

●

Security/Encoding type (for example. WEP, 802.1X, none, and so on)

●

This information is available through SNMP, or by viewing a report displayed in the Summit WM GUI.

In addition, a summary screen is provided as a pop-up window that provides a summary of all

potential problem areas on a single screen.

NOTES: A Few Points Related to Summit WM series Spy and Rogue Systems in General.

Due to the fact that accuracy is suspect, an administrator will more than likely still have to hunt the

●

rogue in person with a handheld/laptop to find the exact location. So, even using just the Summit

WM Controller's Summit WM series Spy information (mentally weigh and plot RSSI values from the

scan group APs) an administrator can locate a rogue just as easily as with graphic tools.

Some other systems address rogue APs with a function known as "containment". The effectiveness

●

of containment may vary due to some inherent limitations of this method. For example, most

containment is done via RF bombardment or via a ping DOS to the rogue device. Unless WLAN

gear uses very directional or phased array antenna systems, the bombardment is not discriminating

and will impact every device (MUs included) in close proximity. Also, if a rogue containment AP is

launching an attack (for containment) the service expectation of the client may be impacted. And

finally, because WiFi works in an UNLICENSED spectrum, a rogue containment system may

inadvertently attack a co-existing, legitimate system operating in an open spectrum.

Summit WM Technical Reference Guide, Software Version 5.1

Table of Contents

Extreme Networks Summit WM Technical Reference Manual page 30

Related Manuals for Extreme Networks Summit WM

Related Products for Extreme Networks Summit WM

Table of Contents