
New Member

Rogue detection

Hi,

I would need some clarifications about rogue AP detection. First, in order to configure passive rogue detection, is it necessary just to set up a rogue detector AP, or do I also need to enable RLDP? Second, in your experience, how reliable is it?

Thanks,
Matteo

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: Rogue detection

Hi Matteo:

Passive rogue detection is just on--no rogue detector AP required!  Just like anything else in life, the more resources you put toward something, the better it's going to be.  If you have AP Authentication or MFP configured (which you should anyway), you'll have fewer false alarms and the routines will know not to call your own APs rogues.  RLDP will tell you if a rogue AP is just cabled up in your network but doesn't have any clients yet and will allow you to do switchport tracing to find one from the switch side.  Rogue Detector APs don't handle client traffic, they just dedicate themselves to listening and reporting rogue activity back to the controller.  In a world where budgets are tight, we hear that it can be tough to get funding for APs that don't service clients.  Again, you don't *have* to do any of it, just the more you put in, the more accurate your results will be.

As for inaccuracies, those usually come from folks having things misconfigured in their network or not having enough configured (i.e. choosing to not do RLDP or Rogue Detectors).

Sincerely,

Rollin Kibbe

Network Management Systems Team
