Article ID: 15064
Products
C20, C25, C4110, C5110, C5210, V2110; firmware 8.21.05.0005, 8.21.06.0006
IdentiFi (formerly Enterasys, HiPath) Wireless Controller
Symptoms
Some known BSSIDs are marked as Spoofed, Internal Honeypot, or Rogue.
In some cases the radios of the threat-designated Access Point (AP) are disabled.
Cause
Several variations of this issue can yield largely the same symptoms.
Solution/Workaround
Upgrade to firmware 8.21.07.0006 or higher.
Release notes state, in the 'Changes in 8.21.07.0006' section:
code:Corrects an issue that could result in a false positive event whereby an authorized AP is mis-classified as a threat.
Pre-upgrade workaround:
Identify the false threat items in the Active Threats Report.
- Add them to the friendly list.
- Go to the Radar->Maintenance->Friendly page and make them Authorized.
- Check on the Radar->Maintenance->Authorized page that the BSSIDs/MACs are there.