05-09-2014 11:36 AM
We recently started using more of the IDS features in 6.3 and now I am seeing a ton of AP Spoofing messages on our controller on AP's all over the campus. I have a few questions that hopefully someone can help with...
When the controller detects spoofing, what happens after that? Is there a way to contain/mitigate it? Also, is there anything that can cause false alarms? Because other than this our network looks pretty good and we don't get complaints from users about connectivity very often.
Thanks in advance!
05-09-2014 12:09 PM
There are protection mechanisms you can put in place. These are covered in the user guide. However, in order to rule out any false positivies...can you please work with support to determine what these messages mean?
Consulting Systems Engineer - ACCX, ACDX, ACMX
If you found my post helpful, please give kudos