Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

Finding Rouge APs

Is there a tool or possibly a feature within Cisco's ACS that will help Identify any APs being added to the network (friend or foe?) Any URL to such an item welcome to discuss such a tools limiations.

Thanks

4 REPLIES
Cisco Employee

Re: Finding Rouge APs

Q: What client version is required for the detection of non-leap ap's

(Tattle Tale)? when will this version be posted to CCO?

A: The client firmware that provides the LEAP "tattle tale" feature will

available in future .

The AP will receive a "Potential Rogue AP" message, which falls into "Protocol Alert" category- "Event Disposition" level for Protocol Alert would need to be set to higher level (4=notify) in order to generate SNMP traps.

For detailed information on this topic please refer the Rogue AP Detection and Mitigation Application Note which is available from the Enterprise Solutions Engineering home page, http://wwwin.cisco.com/ent/ese/ by clicking the Wireless and Design Guidance links

----------------------------------------------------------

Preventing Rogue Access Points

The first priority for enterprise IT security departments should be to prevent rogue APs in the first place.

·

**Create and publish policy banning employee installations of WLAN equipment

·

**Physical security of enterprise premises

·

**Provide a supported WLAN infrastructure – removing the motivation for employee installs

·

**Implement IEEE 802.1x Port Based Security

·

**Use Catalyst Switch filters

-----------------------------------------------------

Detecting Rogue APs

In addition to the rogue AP prevention mechanisms mentioned above, a combination of the following rogue AP detection methods should also be used by the IT security administrator;

· Detecting Rogue APs Wirelessly

· Detecting Rogue APs from the wired network

· Detecting Rogue APs by Physical Observation

Nilesh

New Member

Re: Finding Rouge APs

Where does this "client" reside on AP or only on Cisco Wireless NICs?

It appears "clients" report back to AP's and APs send SNMP trap to system to identify the rouge AP, is that right?

Well, instead of asking 10 more questions, could you please reply with another URL reference if there is one for this "Tattle Tale"? FYI, your other URL fails at this time, even though I suspect that only references the ladder items in your first response.

Anyway, thanks for anything else you can provide!!!

New Member

Re: Finding Rouge APs

have alook at www.isomair.com

New Member

Re: Finding Rouge APs

have alook at www.isomair.com

333
Views
0
Helpful
4
Replies
CreatePlease to create content