The threshold will alert when any MAC addresses listed here broadcast SSID's in the given time interval.

Track devices using banned MAC addresses that behave like access points and broadcast SSIDs to wireless clients. See access point masquerading and SSID collisions between new and obsoleted access points, IoT devices using private networks, and more.

Configure a Wireless Rogue Access Point MAC Addresses threshold:

• Name. Used in the Threshold library and the title on the Alert Center Dashboard.
• Notification Policy. (Optional) Select the notification policy to apply to this threshold. The policy initiates notifications when an item is outside the configured threshold limits.
• Threshold Check Interval. Enter a time interval for Alert Center to check the Network Performance Monitor database for items that are out of the threshold limits.

  Automatically resolve items no longer out of threshold. Select this option if you want Alert Center to automatically resolve items when they return to the value within the threshold limit.

Note: Notification policies are optional for most thresholds. If you do not select a notification policy, no notifications are generated for the threshold, but a dashboard report listing the out of threshold items still appears on the Alert Center Home page.

Add Condition Rules:

• Duration. Compile a running total of all unrecognized SSID events during this time range or "rolling interval."
• Banned MAC Addresses. Enter any rogue MAC addresses separated by commas.

Select Applied Devices

• Apply to All Devices. By default, the threshold monitors all applicable hosts.

  Exclude Devices. Select to build or apply an exclusion list.

• Click Apply this Threshold to Specific Devices to choose the hosts to which the threshold applies.

  Note: Configure the threshold check interval for a longer time than the sampling interval for thresholds relating to trends, such as percent utilization. Configure it for a time the same as (or similar to) the sampling interval when configuring a threshold for a health check.

Tip: Avoid setting the threshold check interval to a very short time. Aggressive intervals can degrade system performance. In general, setting the threshold check interval to less than five minutes is not advised.

The threshold will alert when any MAC addresses listed here broadcast SSID's in the given time interval.

Track devices using banned MAC addresses that behave like access points and broadcast SSIDs to wireless clients. See access point masquerading and SSID collisions between new and obsoleted access points, IoT devices using private networks, and more.

Configure a Wireless Rogue Access Point MAC Addresses threshold:

• Name. Used in the Threshold library and the title on the Alert Center Dashboard.
• Notification Policy. (Optional) Select the notification policy to apply to this threshold. The policy initiates notifications when an item is outside the configured threshold limits.
• Threshold Check Interval. Enter a time interval for Alert Center to check the Network Performance Monitor database for items that are out of the threshold limits.

  Automatically resolve items no longer out of threshold. Select this option if you want Alert Center to automatically resolve items when they return to the value within the threshold limit.

Note: Notification policies are optional for most thresholds. If you do not select a notification policy, no notifications are generated for the threshold, but a dashboard report listing the out of threshold items still appears on the Alert Center Home page.

Add Condition Rules:

• Duration. Compile a running total of all unrecognized SSID events during this time range or "rolling interval."
• Banned MAC Addresses. Enter any rogue MAC addresses separated by commas.

Select Applied Devices

• Apply to All Devices. By default, the threshold monitors all applicable hosts.

  Exclude Devices. Select to build or apply an exclusion list.

• Click Apply this Threshold to Specific Devices to choose the hosts to which the threshold applies.

  Note: Configure the threshold check interval for a longer time than the sampling interval for thresholds relating to trends, such as percent utilization. Configure it for a time the same as (or similar to) the sampling interval when configuring a threshold for a health check.

Tip: Avoid setting the threshold check interval to a very short time. Aggressive intervals can degrade system performance. In general, setting the threshold check interval to less than five minutes is not advised.

Clone a threshold based on a custom or built-in configuration:

1. Click on a threshold on the Thresholds Library panel you want to copy.
2. Click the Copy button, and click OK to create a new Rogue Access Point MAC Address Threshold.

   The Edit Rogue Access Point MAC Address Threshold dialog displays.

3. Save or customize your new threshold, either:
   • Type in a new value for Name field (or keep the default) and click OK to save to the Thresholds Library.
   • Follow the Edit Rogue Access Point MAC Address Threshold instructions.

Delete an existing Rogue Access Point MAC Address Threshold:

1. Select Rogue Access Point MAC Address Threshold you want to delete from the Rogue Access Point MAC Address Threshold panel.
2. Click the Delete button, and then click Yes to confirm the deletion.

   The Rogue Access Point MAC Address Threshold configuration is deleted.