At present there are 2 options for wired to LAN wireless rogue detection
1) Enable Rogue Location Discovery Protocol which can detect wired to LAN access points that have open authentication
2) Deploy dedicated rogue detector access points which compare the wired arp tables with the wireless arp tables on the WLC's.
You can see the problem with option 1 - the rogue AP can only be detected if open authentication is used.
You can also see the problem with option 2 in the cost of deploying dedicated APs.
Do you think in future releases of WCS that the rogue detector AP can be replaced by simply getting the ARP table from the wired infrastructure via SNMP.
Does anybody know if this is a roadmap item for the WCS?