46CHAPTER 2: PLANNING AND MANAGING YOUR WIRELESS NETWORK WITH 3WXM
Rogue Detection A rogue AP is an access point that is not authorized to operate in or near your network. You can use RF countermeasures to deny service to or from a targeted rogue AP, and render them ineffective. Once a rogue AP is detected and reported, the closest 3Com MAP is assigned to perform RF countermeasures. By spoofing various 802.11 control messages, the MAP’s countermeasures disrupt association and authentication attempts to the rogue AP by any new clients. This also disrupts any active communications between any existing client and rogue AP.
You can collect statistics and view reports on:
Current rogue list, aggregated for the whole network
Current hour rogue list
Current day rogue list
30 days of rogue history, using best listener data
Rogue lifecycle events (when the rogue was first seen, by whom, and when it went away)
The number of currently detected rogues is conveniently displayed in the
Alerts panel.
If you use 3WXM RF Planning, you also can display the approximate geographic locations of rogue devices and their clients.
Event Logging 3WXM incorporates a powerful and flexible display interface for all events collected by the system. Events are stored on a
Category
Severity
Date and time ranges
WX switch
3WXM client and services log
Specific text string matches