Table of Contents
Advertisement
Wireless devices – Registered with any Summit WM Controller that has its RF Data Collector
●
enabled and has been associated with the Analysis Engine on this Summit WM Controller.
The Analysis Engine looks for access points with one or more of the following conditions:
Unknown MAC address and unknown SSID (critical alarm)
●
Unknown MAC, with a valid SSID - a known SSID is being broadcast by the unknown access point
●
(critical alarm)
Known MAC, with an unknown SSID - a rogue may be spoofing a MAC address (critical alarm)
●
Inactive Wireless AP with valid SSID (critical alarm)
●
Inactive Wireless AP with unknown SSID (critical alarm)
●
Known Wireless AP with an unknown SSID (major alarm)
●
In ad-hoc mode (major alarm)
●
NOTE
In the current release, there is no capability to initiate a DoS attack on the detected rogue access point.
Containment of a detected rogue requires an inspection of the geographical location of its Scan Group area,
where its RF activity has been found.
Working With Summit WM Series Spy Scan Results
When viewing the Summit WM series Spy scan results you can delete all or selected Access Points from
the scan results. You can also add Access Points from the scan results to the Friendly AP list.
To view Summit WM series Spy scan results:
1 From the main menu, click Summit Spy. The Summit Spy screen is displayed.
2 Click the Rogue Detection tab.
3 To modify the screen's refresh rate, type a time (in seconds) in the Refresh every __ seconds box.
4 Click Apply. The new refresh rate is applied.
Summit WM20 User Guide, Software Release 4.2
Working With Summit WM Series Spy Scan Results
177
Advertisement
Table of Contents
