Using the Rogue Clients Report
The Rogue Clients report tracks the number of valid users that connected to rogues in the specified time frame, and can be filtered by rogue classification. You can specify to include ad-hoc devices can be included and detailed information about the clients.
By default, the minimum RAPIDS classification is Suspected Rogue, and the maximum is Contained Rogue.
Figure 1 Rogue Clients Report Page Illustration
Table 48: Rogue Clients fields and descriptions
|
Field
|
Description
|
|
Misassociations by Unique Rogue APs
|
For each Rogue AP, this table includes the SSID of the device, the number of misassociations, and the RAPIDS Classification.
|
|
Misassociations by Unique MAC addresses
|
This table shows details about MAC address that are being registered as rogue clients, including the user name (if available) and the number of misassociations.
|
|
Rogue Clients
|
|
MAC Address
|
The MAC address of the rogue client
|
|
Username
|
The user name of the rogue client, if available
|
|
SSID
|
The SSID of the rogue client
|
|
First Heard
|
The date/time when the rogue client was first detected on the network
|
|
Ch BW
|
The channel bandwidth of the client, if available
|
|
Radio Mode
|
The radio mode that the rogue client is using
|
|
SNR
|
The signal-to-noise ratio, if available
|
|
Channel
|
The channel of the rogue device, if available
|
|
Location
|
The location of the rogue client, if available
|
|
RAPIDS Classification
|
The current classification of the rogue client
|
