Any configuration examples out there on how to configure rogue AP containment? We have a pen tester in with an AP that's configured to use the same SSID's as the production network. Users are attaching to his device so he can steal their creds.
We have RF Protect licenses installed on the controllers and I was under the assumption that the canned values with RF Protect should deny or contain this traffic. Doesn't look like this is happening.
We're using 7210 controllers and new AP-335's for AP's, as well as 3 AP-335's for Air Monitors across the floor. Any configuration help would be most appreciated.