cancel
Showing results for 
Search instead for 
Did you mean: 

Please separate out rogue vs. malicious rogue email alerts

rob_bush
New Contributor II

Please modify your code to have two separate alert functions for rogue vs. malicious rogue AP's.  I currently have my vSZ 5.2.0.0.699 configured to email me for code "186 - Classified rogue AP."  Unfortunately this sends me an email for EVERY rogue device it finds, which is about one rogue detected every 30 seconds across my entire network which is greater than 2000 alerts a day!  I am ONLY interested in being alerted to malicious rogue devices, but there is not way to specify alerting on just malicious rogue devices, it's all or nothing which is incredibly frustrating.  Perhaps the other solution is to stop marking every seen SSID as rogue?  It's a bit silly to me that every SSID seen is marked as a "rogue" device, thereby having the ruckus un-educated to think someone is trying to hack your network.  For most normal users, a rogue device means a bad device that needs to be dealt with, not the high-end car with built in WiFi starting up in the parking lot at the end of the day.

Because malicious rogue email alerting is incredibly important to us, I am now using an Outlook server-side rule to delete the standard Rogue notifications as they are completely useless; this has allowed only the malicious rogue email notifications through.  This is a solution to a problem that never should have existed!

2 REPLIES 2

martin_martin
Valued Contributor

Hi Rob,

We are always keen on improving our product.

Any changes to our current product design are handled via the Sales organisation.

Best is to contact your Ruckus Sales Rep and let him put in a Feature Request.

Kind regards

Martin

mlcarson
New Contributor

Is there any solution to this?    I've been searching documentation and so far have found nothing.   It's ridiculous that rogue AP's detected outside of policy/rules show up as rogue and there's no way to eliminate them.   We are located in an area where we get every car that has Wifi enabled as a rogue AP because of a  a busy highway and a Lowes parking lot.   I only want to alert on rogue AP's that we declare as malicious that are Spoofing our SSID's.