3com WX2200 3CRWX220095A User Manual

C

HAPTER

 26: R

OGUE

 D

ETECTION

 

AND

 C

OUNTERMEASURES

The permitted SSID list specifies the SSIDs that are allowed on the 
network. If MSS detects packets for an SSID that is not on the list, the AP 
that sent the packets is classified as a rogue. MSS issues countermeasures 
against the rogue if they are enabled. 

By default, the permitted SSID list is empty and all SSIDs are allowed. If 
you configure a permitted SSID list, MSS allows traffic only for the SSIDs 
that are on the list. The permitted SSID list applies only to the WX switch 
on which the list is configured. WX switches do not share permitted SSID 
lists.

If you add a device that MSS has classified as a rogue to the permitted 
SSID list, but not to the ignore list, MSS can still classify the device as a 
rogue. Adding an entry to the permitted SSID list merely indicates that 
the device is using an allowed SSID. However, to cause MSS to stop 
classifying the device as a rogue, you must add the device’s MAC address 
to the ignore list.

To add an SSID to the list, use the following command:

set rfdetect ssid-list ssid-name

The following command adds SSID mycorp to the list of permitted SSIDs:

WX4400# set rfdetect ssid-list mycorp
success:  ssid mycorp is now in ssid-list.

To display the permitted SSID list, use the following command:

display rfdetect ssid-list

The following example shows the permitted SSID list on a WX switch:

WX1200# display rfdetect ssid-list
Total number of entries: 3
       SSID
-----------------
           mycorp
        corporate
            guest 

To remove an SSID from the permitted SSID list, use the following 
command:

clear rfdetect ssid-list ssid-name