Mobility Domain Requirement; Summary Of Rogue Detection Features - Nortel 2360 Configuration Manual
Wlan-security switch 2300 series
Hide thumbs
Also See for 2360:
- Reference manual (480 pages) ,
- User manual (218 pages) ,
- Installation and basic configuration manual (172 pages)
Table of Contents
Advertisement
630 Rogue detection and counter measures
Countermeasures are disabled by default. You can enable them on an individual radio-profile basis. When you enable
them, all devices of interest that are not in the known devices list become viable targets for countermeasures. Counter-
measures can be enabled against all rogue and interfering devices, against rogue devices only, or against devices
explicitly configured in the WSS's attack list. The Mobility Domain's seed switch automatically selects individual
radios to send the countermeasure packets.
Mobility Domain requirement
RF Detection requires the Mobility Domain to be completely up. If a Mobility Domain is not fully operational (not all
members are up), no new RF Detection data is processed. Existing RF Detection information ages out normally.
Processing of RF Detection data is resumed only when all members of the Mobility Domain are up. If a seed switch in
the Mobility Domain cannot resume full operation, you can restore the Mobility Domain to full operation, and therefore
resume RF Detection data processing, by removing the inoperative switch from the member list on the seed.
Summary of rogue detection features
Table 1
lists the rogue detection features in WSS Software.
Rogue Detection
Feature
Classification
Permitted vendor list List of OUIs to allow on the network.
Permitted SSID list
Client black list
NN47250-500 (320657-F Version 02.01)
Table 1.Rogue detection features
Description
WSS Software can classify third-party
APs as rogues or interfering devices. A
rogue is a third-party AP whose MAC
address WSS Software knows from the
wired side of the network. An
interfering device does not have a
MAC address known on the wired side.
WSS Software can detect rogue clients,
locate their APs, and issue
countermeasures against the APs.
An OUI is the first three octets of a
MAC address and uniquely identifies
an AP's or client's vendor.
List of SSIDs allowed on the network.
WSS Software can issue
countermeasures against third-party
APs sending traffic for an SSID that is
not on the list.
List of client or AP MAC addresses
that are not allowed on the wireless
network. WSS Software drops all
packets from these clients or APs.
Applies To
Third-Party
Clients
APs
Yes
Yes
Yes
No
Yes
Yes
Yes
Yes
- Quick Links:
- Using the Command-Line Interface
Hide quick links:
Advertisement
Table of Contents
