Client Mac Spoofing Report; Monitoring Unauthenticated Clients - Extreme Networks EPICenter Guide Manual
Concepts and solutions guide
Hide thumbs
Also See for EPICenter Guide:
- Reference manual (580 pages) ,
- Software installation manual (546 pages) ,
- Manual (268 pages)
Table of Contents
Advertisement
Security Monitoring with Reports
Client MAC spoofing report
When the network detects two or more client stations with the same MAC address that are all in the
data forwarding state on different wireless interfaces, the client might be using another client's MAC
address in an unauthorized way; such a client is known as a spoofing wireless client. The Spoofing
Wireless Client Report displays information on these clients.
However, a client can also appear on two or more wireless interfaces at the same time because it is
roaming and thus changing from one interface to another. To exclude these cases from the report, you
can specify a wireless client time-out length (minimum connection time) to correspond to the client
age-out setting on the switch.
Figure 49 shows an example of a Spoofing Wireless Client Report where the clients are roaming.
Figure 49: Spoofing Wireless Client Report.
Monitoring Unauthenticated Clients
While clients that are not yet authenticated on your network may be a normal occurrence, you may
want to monitor these clients to determine if an unauthorized client is attempting to connect to your
wireless network. The Current Clients Report lists all wireless clients known to EPICenter. This
includes clients that have not yet logged in. Click on the Client State column heading to sort the client
list by client state. You can determine which clients are in an unauthenticated state.
EPICenter Concepts and Solutions Guide
111
Advertisement
Table of Contents
