Showing results for 
Search instead for 
Did you mean: 

Rogue System Detection - SNMP/telnet alerts from Switches/UPS/Hardware

Can anyone help with the following issue:

We have Rogue System Detection installed on 3 machines in a particular subnet. On this subnet and other subnets we have connected Cisco switches, routers, UPS and other hardware devices.

Daily we get a flood of SNMP alerts from these devices to warn of unauthorised access attempts on SNMP, telnet and HTTP ports, from these 3 machines that have the Rogue detection software installed.

I cannot see any where an option in EPO 4.0 to black list devices from been "probed" by this software, or any settings under the Rogue detection itself. As far as we were concerned, this software should just listen and capture frames, reporting MAC addresses to the EPO server, rather than actively seek out devices and try to access them.

Many thanks in advance if anyone can help.
4 Replies

RE: Rogue System Detection - SNMP/telnet alerts from Switches/UPS/Hardware

I guess you could go to the Rogue System Detection policy and under interfaces, list the ip's you don't wish to scan....

RE: Rogue System Detection - SNMP/telnet alerts from Switches/UPS/Hardware

Many thanks. I found the setting just after posting and I'm testing at the moment.

I have also had to take the tick out of the discover OS option since this was giving Event ID 50 TermDD errors and other impacts on some systems.

RE: Rogue System Detection - SNMP/telnet alerts from Switches/UPS/Hardware

What was the setting and where do you set it ?



RSD Woes


I had the same issue here. This is what I did to resolve it.

1. Go to your RSD policy.
2. Go to the Detection tab
3. Under Device Details detection make sure the box "Do not run NetBios calls against devices on these networks" is enabled.
4. Add you devices with 32bit Subnet mask ex: / 32

This alleviated our firewalls from complaining all of the time 🙂

Hope it helps!

Thank you,
More McAfee Tools to Help You

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community