Nortel Networks 2300 Switch User Manual


 
630 Rogue detection and counter measures
NN47250-500 (320657-F Version 02.01)
Countermeasures are disabled by default. You can enable them on an individual radio-profile basis. When you enable
them, all devices of interest that are not in the known devices list become viable targets for countermeasures.
Countermeasures can be enabled against all rogue and interfering devices, against rogue devices only, or against devices
explicitly configured in the WSS’s attack list. The Mobility Domain’s seed switch automatically selects individual
radios to send the countermeasure packets.
Mobility Domain requirement
RF Detection requires the Mobility Domain to be completely up. If a Mobility Domain is not fully operational (not all
members are up), no new RF Detection data is processed. Existing RF Detection information ages out normally.
Processing of RF Detection data is resumed only when all members of the Mobility Domain are up. If a seed switch in
the Mobility Domain cannot resume full operation, you can restore the Mobility Domain to full operation, and therefore
resume RF Detection data processing, by removing the inoperative switch from the member list on the seed.
Summary of rogue detection features
Table 1 lists the rogue detection features in WSS Software.
Table 1. Rogue detection features

| Rogue Detection Feature | Description | Applies To Third-Party APs | Applies To Clients |
|---|---|---|---|
| Classification | WSS Software can classify third-party APs as rogues or interfering devices. A rogue is a third-party AP whose MAC address WSS Software knows from the wired side of the network. An interfering device does not have a MAC address known on the wired side. WSS Software can detect rogue clients, locate their APs, and issue countermeasures against the APs. | Yes | Yes |
| Permitted vendor list | List of OUIs to allow on the network. An OUI is the first three octets of a MAC address and uniquely identifies an AP’s or client’s vendor. | Yes | No |
| Permitted SSID list | List of SSIDs allowed on the network. WSS Software can issue countermeasures against third-party APs sending traffic for an SSID that is not on the list. | Yes | Yes |
| Client black list | List of client or AP MAC addresses that are not allowed on the wireless network. WSS Software drops all packets from these clients or APs. | Yes | Yes |
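
The classification rule (rogue versus interfering) and the countermeasure scopes described above can be modelled as a small decision function, which is useful when auditing which detected APs a given radio-profile setting would make eligible. This is an added example, not code from WSS Software or the manual; the mode names, function names and MAC addresses are assumptions made for illustration.

```python
from enum import Enum

class Mode(Enum):              # hypothetical names for the scopes the manual lists
    DISABLED = "disabled"      # the default
    ALL = "all"                # rogues and interfering devices
    ROGUE = "rogue"            # rogues only
    CONFIGURED = "configured"  # only devices in the attack list

def norm_mac(mac):
    """Accept aa:bb:.., aa-bb-.. or aabb.ccdd.eeff; return 12 lowercase hex digits."""
    digits = mac.lower().translate(str.maketrans("", "", ":-."))
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits

def oui(mac):
    """First three octets: the vendor identifier matched by a permitted vendor list."""
    return norm_mac(mac)[:6]

def classify(ap_mac, wired_macs):
    """Rogue if the AP's MAC is known from the wired side, otherwise interfering."""
    return "rogue" if norm_mac(ap_mac) in wired_macs else "interfering"

def is_target(ap_mac, mode, known, wired_macs, attack_list):
    """Would this third-party AP be a viable countermeasure target?"""
    mac = norm_mac(ap_mac)
    if mode is Mode.DISABLED or mac in known:   # known devices are never targets
        return False
    if mode is Mode.CONFIGURED:
        return mac in attack_list
    return mode is Mode.ALL or classify(mac, wired_macs) == "rogue"

# Constructed sample data (not from the manual)
WIRED = {norm_mac("00:00:5e:00:53:01")}   # MACs seen on the wired network
KNOWN = {norm_mac("00-00-5E-00-53-0A")}   # known devices list
ATTACK = {norm_mac("0200.0000.0003")}     # attack list

if __name__ == "__main__":
    for ap in ("00:00:5e:00:53:01", "02:00:00:00:00:02",
               "00:00:5e:00:53:0a", "02:00:00:00:00:03"):
        hits = [m.value for m in Mode if is_target(ap, m, KNOWN, WIRED, ATTACK)]
        print(ap, oui(ap), classify(ap, WIRED), "targeted in:", hits or "none")
```

Running the same function over an exported detection list before enabling countermeasures on a radio profile shows which neighbouring APs would fall in scope under each setting.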