i have a Question reguardion Rogue System Sensor 4.7. We switched to McAfeee installed EPO Server (installed on Windows 2008 R2) with VSE and Rogue System Detection.
No i have a lot Errors on my Microsoft Network Policy Server Event Log. All Machines (Windows 7 Machines and Server with Windows 2008 R2) with an Rogue Sensor send Wrong RADIUS Messages throughout the Network
NPS Event ID 13:
RADIUS message was received from the invalid RADIUS client IP address xxx.xxx.xxx.xxx
Is there any Option so that the Rogue Sensors will not send those wrong RADIUS Messages?
The os identification is doing that.
You can exclude Subnets (or devices with a 31 bit mask) from being scanned in the RSD policy, Detection tab. Enable the option below and enter your subnets or devices you don't like being scanned
Thanks for the info.
I changed the RSD-Policy and will have a look at the logfiles tomorrow.
But what do you mean by the 31bit-SNM? Whats devices will then be excluded from being scanned?
the option is to enter subnets, an entry with a 31 bit snm correspond to one device.
I'm making the assumption that sepcific devices are being hit with the banner scan to identify what type of device they are and that is what is causing your issue.
Okay, now i get it.
So i would just have to exclude our DCs who receive these messages, and that should be it.
Many thanks for the help.
Much faster than McAfee gold business support.