Proper classification and categorization of devices (access points, clients etc.) helps suppress unnecessary unauthorized access point alarms, allowing network administrators to focus on alarms on devices actually behaving in a suspicious manner. An intruder with a device erroneously authorized could potentially perform activities that harm your organization.
Authorized access points and clients are generally known to you and conform with your organization‘s security policies. Unauthorized devices are those detected as interoperating within the network, but are not approved. These devices should be filtered to avoid jeopardizing the data within a managed network. Use this command to apply the neighboring and sanctioned (approved) filters on peer devices operating within a wireless controller or access point‘s radio coverage area. Detected client MAC addresses can also be filtered based on their classification.
device-categorization <DEVICE-CATEGORIZATION-LIST-NAME>
device-categorization <DEVICE-CATEGORIZATION-LIST-NAME>
<DEVICE-CATEGORIZATION-LIST-NAME> | Specify the device categorization list name. If a list with the same name does not exist, it is created. |
nx9500-6C8809(config-device-categorization-ap5xx)#? Device Category Mode commands: mark-device Mark a device no Negate a command or set its defaults clrscr Clears the display screen commit Commit all changes made in this session do Run commands from Exec mode end End current mode and change to EXEC mode exit End current mode and down to previous mode help Description of the interactive help system revert Revert changes service Service Commands show Show running system information write Write running configuration to memory or terminal nx9500-6C8809(config-device-categorization-ap5xx)#
no | Removes an existing device categorization list |