This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

IdentiFi Controller f/w 8.21.05.0005 detects Local Authorized APs/BSSIDs as Spoofed

IdentiFi Controller f/w 8.21.05.0005 detects Local Authorized APs/BSSIDs as Spoofed

FAQ_User
Extreme Employee

‎11-15-2013 10:39 PM

Article ID: 15064

Products
C20, C25, C4110, C5110, C5210, V2110; firmware 8.21.05.0005, 8.21.06.0006
IdentiFi (formerly Enterasys, HiPath) Wireless Controller

Symptoms
Some known BSSIDs are marked as Spoofed, Internal Honeypot, or Rogue.
In some cases the radios of the threat-designated Access Point (AP) are disabled.

Cause
Several variations of this issue can yield largely the same symptoms.

Solution/Workaround
Upgrade to firmware 8.21.07.0006 or higher.
Release notes state, in the 'Changes in 8.21.07.0006' section:
code:
wns0008416
code:
Corrects an issue that could result in a false positive event whereby an authorized AP is mis-classified as a threat.


Pre-upgrade workaround:
    Identify the false threat items in the Active Threats Report.
  1. Add them to the friendly list.
  2. Go to the Radar->Maintenance->Friendly page and make them Authorized.
  3. Check on the Radar->Maintenance->Authorized page that the BSSIDs/MACs are there.
0 Kudos
0 REPLIES 0
GTM-P2G8KFN