Unknown Devices

Click the drop-down menu under Show and click on Unknown Devices. AirDefense displays a list of all Unknown Devices seen in your network. Unknown devices are defined from the source or destination address detected in communication to or from a wireless device. AirDefense can identify the wireless device the frame is sent from or received by, but if the MAC address listed as the ultimate source or destination is not a device identified by AirDefense, it is considered 'unknown'. These are almost always infrastructure devices on the wired network.

The list of Unknown Devices are displayed in a tabular format using a combination of the following columns:


Column	Description
Flag	Indicates if a Unknown Device has been flagged (blue flag ). (default header)
Device	Displays the Unknown Device icon along with the switch name. (default header)
Name	Displays the name of the Unknown Device.
MAC	Displays the Unknown Devices MAC address. (default header)
IP	Displays the Unknown Devices IP address. (default header)
Severity	Displays the Unknown Device threat level to your network. (default header)
First Seen	Displays the first time the Unknown Device was seen on the network.
Last Seen	Displays the last time the Unknown Device was seen on the network. (default header)
Scope	Displays where the Unknown Device is located within the network scope. (default header)
Floor	Displays the floor the Unknown Device is on. (default header)
Manufacturer	Displays the manufacturer of the device.
On Network	Identifies how AirDefense obtained the MAC address of a non-wireless device. The different entries are: Sensor SegmentThe frame containing MAC address was detected by a sensor on its wired port. This device is therefore known to be on a LAN segment containing the sensor and is therefore on the same wired infrastructure. SwitchThis MAC address was obtained from a data poll of the tables of a wireless switch. At some time, a know wireless device communicated with this unknown device. The unknown device is on the infrastructure somewhere, but the LAN segment is unknown. BlankThis MAC address was detected by a sensor radio and the wireless device communicating with this MAC is not sanctioned in AirDefense. This is most likely a device on a neighboring network and not part of the AirDefense protected infrastructure. Sanctioned BSSThis MAC address has been seen by a sensor in communication with a Sanctioned BSS and is likely to be a device on the AirDefense protected infrastructure, but has not been reported to AirDefense as being on the wired network by poll or discovery.
Classification	Displays how the Unknown Device is classified.