Users Guide

ManualsBrandsDell ManualsAccess PlatformsW-Airwave

201

202

203

204

205

206

207

208

209

210

203 | Using RAPIDS and Rogue Classification Dell Networking W-AirWave 8.2.4 | User Guide

WMSOffload is not required to manage containment in W-AirWave.

Field Default Description

Manage rogue AP

containment

No Specifies whether RAPIDS will manage the classification of rogue APs

on Cisco WLCand Dell controllers to match the classification of those

rogues in RAPIDS. This includes the "Contained" classification. If this

setting is enabled, then the Maximum number of APs to contain

a rogue setting can be configured. Similarly, if this is enabled, then

the Contained Rogue option will appear in the classification drop

down menu when you add a new classification rule. (See "Viewing

and Configuring RAPIDS Rules" on page 205 for more information.)

Manage rogue

APcontainment in

monitor-only mode

No Specify whether rogue AP containment can be performed in monitor-

only mode. Note that containment updates will always be pushed to

devices that are running WMS Offload, regardless of this setting.

Maximum number of APs

to contain a rogue

N/A If Manage rogue AP containment is enabled, then specify the

maximum number of APs that can contain a rogue on Cisco WLC

controllers.

Table 99: RAPIDS > Setup > Containment Options Fields and Default Values

Filtering Options

Filtered rogues are dropped from the system before they are processed through the rules engine. This can speed

up overall performance but will eliminate all visibility into these types of devices.

Field Default Description

Ignore Ad-hoc rogues No Filters rogues according to ad-hoc status.

Ignore Rogues by Signal

Strength

No Filters rogues according to signal strength. Since anything below

the established threshold will be ignored and possibly dangerous,

best practices is to keep this setting disabled. Instead, incorporate

signal strength into the classification rules on the RAPIDS > Rules

page.

Ignore Rogues Discovered

by Remote APs

No Filters rogues according to the remote AP that discovers them.

Enabling this option causes W-AirWave to drop all rogue discovery

information coming from remote APs.

Ignore IDS Events from

Remote APs

No Filters IDS Events discovered by remote APs.

Ignore Events from VLAN(s) N/A Specify a VLAN or list of VLANs to be ignored when a wired rogue

discovery event occurs. MAC addresses that appear on these

VLANs will not be used for rogue detection or upstream device

determination.

Ignore Events from

Interface Label(s)

N/A Specify an interface or list of interfaces to be ignored when a wired

rogue discovery event occurs. MAC addresses that appear on

these interface labels will not be used for rogue detection or

upstream device determination.

Table 100: RAPIDS > Setup > Filtering Options Fields and Default Values