Description
A rogue connected to the network does not match any of the configured Device Profiling Rules.
Scope
Version: 8.x, 9.x
Solution
1) Navigate to the Hosts View
8.x: Hosts > Host View
9.x: Users & Hosts > Hosts
2) Search for the MAC address and verify the rogue's adapter record status shows online (green adapter icon).
2a) If adapter record shows offline: Check switch or wireless connection. If device is confirmed to be online, see related KB articles
2b) If adapter record shows online: Right click on Host record and select Show Events.
3) After making corrections, test the rogue against the desired rule. Search for the MAC address in the Adapters View.
8.x:
Hosts > Adapter View
9.x: Users & Hosts > Adapters
4) Right click on the adapter record and select Test Device Profiling Rule.
5) Once the rule matches, re-run the rogue host evaluation.
8.x: Hosts > Device Profiling Rules and click Run.
9.x: Users & Hosts > Device Profiling Rules and click Run.