638CHAPTER A: TROUBLESHOOTING A WX SWITCH

Remotely

Remote traffic monitoring enables you to snoop wireless traffic, by using

Monitoring Traffic

a MAP as a sniffing device. The MAP copies the sniffed 802.11 packets

 

and sends the copies to an observer, which is typically a protocol analyzer

 

such as Ethereal or Tethereal.

How Remote Traffic

To monitor wireless traffic, a MAP radio compares traffic sent or received

Monitoring Works

on the radio to snoop filters applied to the radio by the network

 

administrator. When an 802.11 packet matches all conditions in a filter,

 

the MAP encapsulates the packet in a Tazmen Sniffer Protocol (TZSP)

 

packet and sends the packet to the observer host IP addresses specified

 

by the filter. TZSP uses UDP port 37008 for its transport. (TZSP was

 

created by Chris Waters of Network Chemistry.)

 

You can map up to eight snoop filters to a radio. A filter does not become

 

active until you enable it. Filters and their mappings are persistent and

 

remain in the configuration following a restart. The filter state is also

 

persistent across restarts. Once a filter is enabled, if the switch or the

 

MAP is subsequently restarted, the filter remains enabled after the restart.

 

To stop using the filter, you must manually disable it.

 

Using Snoop Filters on Radios That Use Active Scan

 

When active scan is enabled in a radio profile, the radios that use the

 

profile actively scan other channels in addition to the data channel that is

 

currently in use. Active scan operates on enabled radios and disabled

 

radios. In fact, using a disabled radio as a dedicated scanner provides

 

better rogue detection because the radio can spend more time scanning

 

on each channel.

 

When a radio is scanning other channels, snoop filters that are active on

 

the radio also snoop traffic on the other channels. To prevent monitoring

 

of data from other channels, use the channel option when you configure

 

the filter, to specify the channel on which you want to scan.

 

All Snooped Traffic Is Sent in the Clear

 

Traffic that matches a snoop filter is copied after it is decrypted. The

 

decrypted (clear) version is sent to the observer.

Page 637 Page 639
Page 638
Image 638
3Com WX1200 3CRWX120695A, WXR100 3CRWXR10095A, WX4400 3CRWX440095A, WX2200 3CRWX220095A manual Remotely, Monitoring Traffic
Page 637 Page 639

WX1200 3CRWX120695A, WX4400 3CRWX440095A, WXR100 3CRWXR10095A, WX2200 3CRWX220095A specifications

The 3Com WX2200 (3CRWX220095A), WX4400 (3CRWX440095A), WX1200 (3CRWX120695A), and WXR100 (3CRWXR10095A) are part of a robust suite of wireless networking solutions offered by 3Com, designed to meet the needs of modern enterprise environments. These devices provide reliable connectivity, flexibility, and scalability, making them ideal for businesses of all sizes.

The 3Com WX2200 is a high-performance wireless switch that supports up to 64 access points, making it suitable for medium to large deployments. It boasts advanced features such as dynamic RF management, which optimizes channel selection and power levels based on real-time network conditions. This ensures maximum coverage and minimizes interference, leading to improved user experiences. Additionally, it supports dual-band operation and can seamlessly integrate with various wireless access points, providing enhanced throughput and robust performance.

The WX4400 is designed for high-density environments and offers extensive scalability. It supports up to 128 access points and is equipped with advanced security features, including WPA2 enterprise encryption and role-based access control. This switch also features intelligent load balancing, allowing it to dynamically distribute user traffic across available access points, thus enhancing overall network efficiency.

The WX1200, positioned as an entry-level solution, is well-suited for small to medium-sized businesses. It offers a user-friendly management interface, allowing IT staff to quickly configure and monitor the network. This device supports a variety of deployment scenarios and can be easily integrated into existing infrastructure. It also comes equipped with essential security features to protect the network from unauthorized access.

The WXR100 complements the series by providing simplified management for access points, ensuring that businesses can easily deploy and maintain their wireless networks. It supports various management protocols and integrates with a variety of third-party systems, enhancing inter-operability. With Power over Ethernet (PoE) support, the WXR100 can deliver power to connected access points, reducing the complexity and costs associated with additional power infrastructure.

Together, these solutions embody 3Com's commitment to delivering high-quality networking products that enhance connectivity and performance. With features such as scalability, advanced security, dynamic load balancing, and centralized management, the WX2200, WX4400, WX1200, and WXR100 form a comprehensive wireless networking ecosystem tailored for today’s enterprise challenges.
Top Page Image Contents