Let me know differente between Mark As Know and Kark As Malicious.

  • 1
  • Question
  • Updated 3 weeks ago
  • Answered
I using ZD 1200 with 10.1.1.0 build 55. I'm not clear about below Rogue. How can I block these Rouge SSID.


Have a good day,

Lin
Photo of Ko Lin

Ko Lin

  • 1 Post
  • 0 Reply Likes

Posted 3 weeks ago

  • 1
Photo of Albert Pierson

Albert Pierson, Employee

  • 59 Posts
  • 48 Reply Likes
Hi Ko Lin,

Ruckus detects any AP sending beacons as "rogue" devices when in reality many of them are just neighbor devices.

Malicious rogues are devices that are detected attempting to attack the Ruckus Network via spoofing of MAC, BSSID, or on the same (protected Network) as the Ruckus AP's. 

Only AP's that are identified as doing malicious operations can be blocked by the Ruckus WIPS feature.

When genuine AP receives the update list from ZD, it will know who is malicious AP, then it will send deauth to those Mal APs on the channel it detected the mal APs.

Please be careful as MAC and BSSID spoofed AP's may also deauthenticate actual approved client devices on Ruckus AP's and not just the "Malicious rogue" devices


Other Neighbor AP's cannot be blocked as users of unlicensed band and blocking other users may be a violation of local radio regulations.

Please check some of the following articles in Ruckus Knowledge base:



I hope this answers your question

Thanks for selecting Ruckus Wireless