11
D
C
ETECTING AND
OMBATTING
R
D
OGUE
EVICES
This chapter discusses how to manage rogue devices that try to use your
wireless network. Information includes an overview of detection features,
enabling countermeasures, using the Rogue Detection tab, displaying a
rogue's geographical location, ignoring friendly third-party devices, and
converting a rogue into a third party AP.
Overview
MAP radios automatically scan the RF spectrum for other devices
transmitting in the same spectrum. The RF scans discover third-party
transmitters in addition to other 3Com radios. MSS considers the
third-party transmitters to be devices of interest, which are potential
rogues.
You can display information about the devices of interest. To identify
friendly devices, such as third-party access points in your network or
neighbor's network, you can add them to the known devices list. You also
can enable countermeasures to prevent clients from using the devices
that truly are rogues. With 3WXM, you also can display the physical
location of a rogue device.
RF detection detects all the IEEE 802.11 devices in a Mobility Domain and
can single out the unauthorized rogue access points.
Rogue Access Points
A rogue access point is an access point that is not authorized to operate
and Users
in a network. Rogue access points and their clients undermine the
security of an enterprise network by potentially allowing unchallenged
access to the network by any wireless user or client in the physical vicinity.
Rogue access points and users can also interfere with the operation of
your enterprise network.
Ad Hoc Users
Another type of rogue is a private WLAN user group. The group might be
using an access point or software that provides access point functionality