Filter
Top Products
Rogue Detection Requirements 459
To use countermeasures, they must be enabled. You can enable them on
an individual radio profile basis. (See “Viewing and Configuring Radio
Profiles” on page 263.)
Mobility Domain
Requirement
RF Detection requires the Mobility Domain to be completely up. If a
Mobility Domain is not fully operational (not all members are up), no new
RF Detection data is processed. Existing RF Detection information ages
out normally. Processing of RF Detection data is resumed only when all
members of the Mobility Domain are up. If a seed switch in the Mobility
Domain cannot resume full operation, you can restore the Mobility
Domain to full operation, and therefore resume RF Detection data
processing, by removing the inoperative switch from the member list on
the seed.
CounterMeasureStop Indicates that MSS has stopped
countermeasures against a rogue access
point.
RFDetetSpoofedMacAP Indicates that MSS has detected a wireless
packet with the source MAC address of a
3Com MAP, but without the spoofed MAP’s
signature (fingerprint).
RFDetectSpoofedSSIDAP Indicates that MSS has detected beacon
frames for a valid SSID, but sent by a rogue
AP.
RFDetectDoS Indicates that MSS has detected a DoS attack
other than an associate request flood,
reassociate request flood, or disassociate
request flood.
RFDetectDoSPort Indicates that MSS has detected an associate
request flood, reassociate request flood, or
disassociate request flood.
RFDetectClientVARogueWiredAP Indicates that MSS has detected, on the wired
part of the network, the MAC address of a
wireless client associated with a third-party
AP.
Table 58 SNMP Notifications for RF Detection
Notification Type Description