Violation Type | Displays the reason the violation occurred for each detected MU. The following violation | |
| types are possible: | |
| • | excessive probes |
| • | excessive associations |
| • | excessive disassocs |
| • | 802.11 replay failures |
| • | crypto replay failures |
| • | decryption failures |
| • | authentication failures |
| • | all 0's address |
| • | same |
| • | multicast source address |
| • use of weak WEP IV | |
| • | TKIP countermeasures |
| • | excessive EAP/802.1x frames |
| Use the Violation Type to discern whether the detested MU is truly a threat on the switch | |
| managed network (and must be removed) or can be interpreted as a non threat. | |
Time Remaining | Displays the time remaining before the next filter activity. Detected MUs are removed from | |
| the filtered list when they no longer violate the thresholds defined within the Configuration | |
| tab. |
3.Select a detected MU and click the Delete button to remove it from the list of MUs you are tracking as potential threats within the switch managed network.
6.4Configuring Wireless Filters
Use filters to either allow or deny a MAC address (or groups of MAC addresses) from associating with the switch. Refer to the Wireless Filters screen to review the properties of existing switch filters. A filter can be selected from those available and edited or deleted. Additionally, a new filter can be added if an existing filter does not adequately express the MU’s address range required.
To display the Wireless Filters main page:
1.Select Security > Wireless Filters from the main menu tree.
2.The Wireless Filters tab is divided into 2 fields:
•Filters
•Associated WLANs