User's Manual
Table Of Contents
- Welcome to the Airespace Product Guide!
- OVERVIEWS
- About the Airespace System
- About the AireOS
- Single-Airespace Switch or Appliance Deployments
- Multiple-Airespace Switch and Appliance Deployments
- About AireOS Security
- About Airespace Wired Security
- About AireWave Director Software
- About the Master Airespace Switch or Appliance
- About the Primary Airespace Switch or Appliance
- About Client Roaming
- About External DHCP Servers
- About Airespace Mobility Groups
- About Airespace Wired Connections
- About Airespace WLANs
- About File Transfers
- About Power Over Ethernet
- About Airespace Switches and Appliances
- 4012 and 4024 Airespace Wireless Switch Models
- 4101 and 4102 Airespace WLAN Appliance Models
- Airespace Switch and Appliance Features
- Airespace Switch and Appliance Model Numbers
- Airespace Wireless Switch Direct Connect Mode
- Airespace Switches and Appliances in Appliance Mode
- Airespace Wireless Switch Hybrid Mode
- About the Distribution System Port
- About the Service (Management) Port
- About the Startup Wizard
- About Airespace Switch and Appliance Memory
- Airespace Switch and Appliance Failover Protection
- Switched Network Connection to the Airespace Switch or Appliance
- Enhanced Security Module
- About Airespace Access Points
- About Airespace AP Models
- About Airespace AP External and Internal Antennas
- About Airespace AP LEDs
- About Airespace AP Connectors
- About Airespace AP Power Requirements
- About Airespace AP External Power Converter
- About Airespace AP Mounting Options
- About Airespace AP Physical Security
- About Airespace AP Monitor Mode
- About Third-Party Access Points
- About Rogue Access Points
- About the Airespace Control System Software
- About the Airespace Web Browser Interface
- About the Airespace Command Line Interface
- About the Airespace System
- SOLUTIONS
10/10/03 Rogue AP Tagging and Containment
90-100584-004 Airespace Product Guide 61
Rogue AP Tagging and ContainmentRogue AP Tagging and Containment
This built-in detection, tagging, monitoring and containment capability allows system administrators to
take required actions:
• Receive new rogue notifications, eliminating hallway scans.
• Monitor unknown rogues until they are eliminated or acknowledged.
• Determine the closest authorized Airespace Access Points and Third-Party Access Points,
making directed scans faster and more effective.
• Contain rogue APs by sending their clients deauthenticate and disassociate messages from one
to four Airespace APs.
• Tag rogue APs:
- Acknowledge rogue APs when they are outside of the LAN and do not compromise the
LAN or WLAN security.
- Accept rogue APs when they do not compromise the LAN or WLAN security.
- Tag rogue APs as unknown until they are eliminated or acknowledged.
- Tag rogue APs as contained and continue discouraging rogue AP clients from associat-
ing with the rogue AP, by having between one and four Airespace APs transmit deauth-
enticate and disassociate messages to the rogue AP clients. This function can contain
one or more channels on the same rogue AP.
To facilitate automated rogue detection in a crowded RF space, Airespace APs can be configured to
operate in Monitor Mode
, allowing monitoring without creating unnecessary interference.