1 - 22 WiNG 4.4 Switch System Reference Guide
RF scan by Access Port on one channel
This process requires an Access Port to assist in Rogue AP detection. It functions as follows:
• The switch sends a new configuration message to the adopted AP informing it to detect Rogue APs.
• The Access Port listens for beacons on its present channel.
• It passes the beacons to the switch as it receives them without any modification.
• The switch processes these beacon messages to generate the list of APs
This process of detecting a Rogue AP is non-disruptive and none of the MUs are disassociated during this process. The
Access Port will only scan on its present channel. An AP300 provides this support.
By choosing this option for detection, all capable Access Ports will be polled for getting the information.
RF scan by Access Port on all channels
The process used to scan for Rogue APs on all available channels functions as follows:
• The switch sends a configuration message (with the ACS bit set and channel dwell time) to the Access Port.
• An Access Port starts scanning each channel and passes the beacons it hears on each channel to the switch.
• An Access Port resets itself after scanning all channels.
• An switch then processes this information
SNMP Trap on discovery
An SNMP trap is sent for each detected and Rogue AP. Rogue APs are only detected, and notification is provided via a
SNMP trap.
Authorized AP Lists
Configure a list of authorized Access Ports based on their MAC addresses. The switch evaluates the APs against the
configured authorized list after obtaining Rogue AP information from one of the 2 mechanisms as mentioned in
Rogue AP
Detection on page 1-21
.
Rogue AP Report
After determining which are authorized APs and which are Rogue, the switch prepares a report.
Motorola Solutions RFMS Support
With this most recent switch firmware release, the switch can provide rogue device detection data to the Motorola
Solutions RF Management software application (or Motorola Solutions RFMS). Motorola Solutions RFMS uses this data
to refine the position and display the rogue on a site map representative of the physical dimensions of the actual radio
coverage area of the switch. This is of great assistance in the quick identification and removal of unauthorized devices.
1.2.5.8 ACLs
ACLs control access to the network through a set of rules. Each rule specifies an action taken when a packet matches a
set of rules. If the action is deny, the packet is dropped. If the action is permit, the packet is allowed. If the action is to
mark, the packet is tagged for priority. The switch supports the following types of ACLs:
• IP Standard ACLs
• IP Extended ACLs
NOTE:
Wired side scanning for Rogue APs using WNMP is not supported. Similarly,
Radius lookup for approved AP is not provided.
Summary of Contents for WiNG 4.4
Page 1: ...Motorola Solutions WiNG 4 4 SYSTEM REFERENCE GUIDE ...
Page 2: ......
Page 3: ...MOTOROLA SOLUTIONS WING 4 4 SYSTEM REFERENCE GUIDE 72E 157062 01 Revision A January 2012 ...
Page 6: ...iv WiNG 4 4 Switch System Reference Guide ...
Page 14: ...xii WiNG 4 4 Switch System Reference Guide ...
Page 48: ...1 32 WiNG 4 4 Switch System Reference Guide ...
Page 58: ...2 10 WiNG 4 4 Switch System Reference Guide ...
Page 280: ...4 176 WiNG 4 4 Switch System Reference Guide ...
Page 352: ...5 72 WiNG 4 4 Switch System Reference Guide ...
Page 476: ...6 124 WiNG 4 4 Switch System Reference Guide ...
Page 506: ...7 30 WiNG 4 4 Switch System Reference Guide ...
Page 532: ...8 26 WiNG 4 4 Switch System Reference Guide ...
Page 536: ...A 4 WiNG 4 4 Switch System Reference Guide ...
Page 544: ...B 12 WiNG 4 4 Switch System Reference Guide ...
Page 558: ...B 26 WiNG 4 4 Switch System Reference Guide ...
Page 574: ...C 16 WiNG 4 4 Switch System Reference Guide ...
Page 596: ...E 4 WiNG 4 4 Switch System Reference Guide ...
Page 597: ......