User's Manual
Table Of Contents
- Welcome to the Airespace Product Guide!
- OVERVIEWS
- About the Airespace System
- About the AireOS
- Single-Airespace Switch or Appliance Deployments
- Multiple-Airespace Switch and Appliance Deployments
- About AireOS Security
- About Airespace Wired Security
- About AireWave Director Software
- About the Master Airespace Switch or Appliance
- About the Primary Airespace Switch or Appliance
- About Client Roaming
- About External DHCP Servers
- About Airespace Mobility Groups
- About Airespace Wired Connections
- About Airespace WLANs
- About File Transfers
- About Power Over Ethernet
- About Airespace Switches and Appliances
- 4012 and 4024 Airespace Wireless Switch Models
- 4101 and 4102 Airespace WLAN Appliance Models
- Airespace Switch and Appliance Features
- Airespace Switch and Appliance Model Numbers
- Airespace Wireless Switch Direct Connect Mode
- Airespace Switches and Appliances in Appliance Mode
- Airespace Wireless Switch Hybrid Mode
- About the Distribution System Port
- About the Service (Management) Port
- About the Startup Wizard
- About Airespace Switch and Appliance Memory
- Airespace Switch and Appliance Failover Protection
- Switched Network Connection to the Airespace Switch or Appliance
- Enhanced Security Module
- About Airespace Access Points
- About Airespace AP Models
- About Airespace AP External and Internal Antennas
- About Airespace AP LEDs
- About Airespace AP Connectors
- About Airespace AP Power Requirements
- About Airespace AP External Power Converter
- About Airespace AP Mounting Options
- About Airespace AP Physical Security
- About Airespace AP Monitor Mode
- About Third-Party Access Points
- About Rogue Access Points
- About the Airespace Control System Software
- About the Airespace Web Browser Interface
- About the Airespace Command Line Interface
- About the Airespace System
- SOLUTIONS
10/10/03 Rogue Access Points
90-100584-004 Airespace Product Guide 60
About Rogue Access PointsRogue Access Point s
Because they are inexpensive an readily available, clients are plugging unauthorized rogue access
points (rogue APs) into existing LANs and building ad hoc wireless networks without IT department
knowledge or consent.
These rogues can be a serious breach of network security, because they can be plugged into a network
port behind the corporate firewall. Because clients generally do not enable any security settings on the
rogues, it is easy for unauthorized clients to use the access point to intercept network traffic and hijack
client sessions. Even more alarming, wireless clients and war chalkers frequently publish unsecure
access point locations, increasing the odds of having the enterprise security breached.
Rather than using a person with a scanner to manually detect rogue APs, the Airespace System auto-
matically collects information on rogue access points detected by its managed Airespace Access Points
and Third-Party Access Points
, by MAC and IP address, and allows the system operator to tag and
monitor them as described in the Detecting and Monitoring Rogue Access Points section. Finally, the
AireOS can be used to discourage rogue AP clients by sending them deauthenticate and disassociate
messages from one to four Airespace APs. Because this real-time detection is automated, it saves labor
costs used for detecting and monitoring rogue APs while improving LAN security.
See also Rogue AP Tagging and Containment
.