This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Let me know differente between Mark As Know and Kark As Malicious.

ko_lin_9y97fkm6
New Contributor

‎02-27-2019 10:10 PM

I using ZD 1200 with 10.1.1.0 build 55. I'm not clear about below Rogue. How can I block these Rouge SSID.
Image_ images_messages_5f91c3fe135b77e24790f240_a7ab3cc5de9aec042fe20139833423b8_RackMultipart2019022821579q1gv-29ae397c-de1b-4d59-9aa2-8fda9b041d21-1800878151.PNG1551334150

Have a good day,

Lin
1 REPLY 1

albert_pierson
RUCKUS Team Member

‎02-28-2019 08:09 AM

Hi Ko Lin,

Ruckus detects any AP sending beacons as "rogue" devices when in reality many of them are just neighbor devices.

Malicious rogues are devices that are detected attempting to attack the Ruckus Network via spoofing of MAC, BSSID, or on the same (protected Network) as the Ruckus AP's. 

Only AP's that are identified as doing malicious operations can be blocked by the Ruckus WIPS feature.

When genuine AP receives the update list from ZD, it will know who is malicious AP, then it will send deauth to those Mal APs on the channel it detected the mal APs.

Please be careful as MAC and BSSID spoofed AP's may also deauthenticate actual approved client devices on Ruckus AP's and not just the "Malicious rogue" devices


Other Neighbor AP's cannot be blocked as users of unlicensed band and blocking other users may be a violation of local radio regulations.

Please check some of the following articles in Ruckus Knowledge base:



I hope this answers your question

Thanks for selecting Ruckus Wireless









Copyright © 2024 Khoros, LLC