Rogue Ap Detection; Viewing The Rogue Ap List - Cisco WAP581 Administration Manual

Wireless-ac/n dual radio access point with 2.5gbe lan

Hide thumbs Also See for WAP581:

Quick start manual (14 pages)

Quick start manual (17 pages)

Manual (10 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

page of 134

/ 134
Contents
Table of Contents
Bookmarks

Table of Contents

System Configuration

Rogue AP Detection

A Rogue AP is an access point that has been installed on a secure network without explicit authorization from

a system administrator. The rogue AP poses a security threat because anyone with access to the premises can

unconsciously or maliciously install an inexpensive wireless WAP device that can potentially allow unauthorized

parties to access the network.

The WAP device performs a RF scan on all channels to detect all APs in the vicinity of the network. If rogue

APs are detected, they are shown on the Rogue AP Detection page. If an AP listed as a rogue is legitimate, it

can be added to the Known AP List.

Note

The Detected Rogue AP List and Trusted AP List provide information. The AP does not have any control

over the APs on the list and cannot apply any security policies to APs detected through the RF scan.

When the Rogue AP detection is enabled, the radio periodically switches from its operating channel to scan

other channels within the same band.

Viewing the Rogue AP List

In order for the Rogue AP Detection to function, the wireless radio must be enabled. You should first enable

the radio interface before enabling the Rogue AP detection for the radio interface.

To enable the radio to collect information about rogue APs:

Step 1

Select Security > Rogue AP Detection.

Step 2

Check Enable to enable the AP Detection for Radio 1 and Radio 2.

Step 3

Click Apply.

The Detected Rogue AP List table displays all detected rogue APs. The Trusted AP List displays all trusted APs. The

following settings are displayed for each or the Rogue AP lists:

• MAC Address — The MAC address of the rogue AP.

• Radio — Indicates whether the rogue AP is detected on Radio 1 or Radio 2.

• Beacon Interval (Msec.) — The beacon interval used by the rogue AP. Beacon frames are transmitted by an AP at

regular intervals to announce the existence of the wireless network. The default behavior is to send a beacon frame

once every 100 milliseconds (or 10 per second). The Beacon Interval is set on the

• Type — The type of the device. The options are:

• AP — An AP rogue device that supports the IEEE 802.11 Wireless Networking Framework in infrastructure

mode.

• Ad hoc — A rogue station running in Ad hoc mode. The Ad hoc mode is an IEEE 802.11 Wireless Networking

Framework also referred to as peer-to-peer mode or an Independent Basic Service Set (IBSS).

• SSID — The Service Set Identifier (SSID) for the WAP device.

• Privacy — Indicates whether there is any security on the rogue device. The options are:

• Off — Security mode is off (no security).

Cisco WAP581 Wireless-AC/N Dual Radio Access Point with 2.5GbE LAN Administration Guide

Rogue AP Detection

Radio, on page 45

page.

Table of Contents

Rogue Ap Detection; Viewing The Rogue Ap List - Cisco WAP581 Administration Manual

Rogue AP Detection

Viewing the Rogue AP List

Related Manuals for Cisco WAP581

Related Content for Cisco WAP581

Table of Contents