Filter
Top Products
574 CHAPTER 26: ROGUE DETECTION AND COUNTERMEASURES
Configuring Rogue
Detection Lists
The following sections describe how to configure lists to specify the
devices that are allowed on the network and the devices that MSS should
attack with countermeasures.
(For information about how MSS uses the lists, see “Rogue Detection
Lists” on page 569.)
Configuring a
Permitted Vendor List
The permitted vendor list specifies the third-party AP or client vendors
that are allowed on the network. MSS does not list a device as a rogue or
interfering device if the device’s OUI is in the permitted vendor list.
By default, the permitted vendor list is empty and all vendors are allowed.
If you configure a permitted vendor list, MSS allows only the devices
whose OUIs are on the list. The permitted vendor list applies only to the
WX switch on which the list is configured. WX switches do not share
permitted vendor lists.
Countermeasures Packets sent by 3Com MAPs to
interfere with the operation of a
rogue or interfering device.
Countermeasures are configurable
on a radio-profile basis.
Yes Yes
Active scan Active scan sends probe any requests
(probes with a null SSID name) to
look for rogue APs.
Active scan is configurable on a
radio-profile basis.
Yes No
3Com MSP
signature
Value in a MAP’s management
frames that identifies the MAP to
MSS. MAP signatures help prevent
spoofing of the MAP MAC address.
No No
Log messages
and traps
Messages and traps for rogue
activity. Messages are described in
“IDS and DoS Alerts” on page 584.
Yes Yes
Table 48 Rogue Detection Features (continued)
Rogue
Detection
Feature Description
Applies To
Third-Party
APs Clients