I just spotted this on our WCS6.0
MFP Anomaly Detected - 3,461 'Invalid MIC' violation(s) have originated from the AP with BSS '00:16:9d:44:65:d0'. This was detected by the radio with Slot ID '0' of the AP with MAC '00:19:aa:f5:5b:a0' when observing 'Probe Response, Beacon, and Deauthentication' frames.
3,461 seems like far too much - is this an attack? What should I do?
The message reads "originated from the AP", I've id'd the AP in WCS - are one of our APs acting up?
What is going on?