User's Manual
Table Of Contents
- Getting Started
- Wizards
- Using the Startup Wizard
- Using the Wireless Wizard to Configure the Wireless Settings for ISA550W and ISA570W
- Using the DMZ Wizard to Configure the DMZ Settings
- Using the Dual WAN Wizard to Configure the WAN Redundancy Settings
- Using the Site-to-Site Wizard to Establish the Site-to-Site VPN Tunnels
- Using the Remote Access Wizard to Establish the IPSec VPN Tunnels or SSL VPN Tunnels for Remote Access
- Status
- Networking
- Configuring IP Routing Mode
- Port Management
- Configuring the WAN
- Configuring the WAN Redundancy
- Configuring the VLAN
- Configuring the DMZ
- Configuring the Zones
- Configuring the Routing
- Dynamic DNS
- IGMP
- VRRP
- Configuring the Quality of Service
- Address Management
- Service Management
- Wireless Configuration for ISA550W and ISA570W
- Firewall
- Configuring the Firewall Access Rules to Control Inbound and Outbound Traffic
- Configuring the Firewall Schedule
- Firewall Access Rule Configuration Examples
- Configuring the NAT Rules to Securely Access a Remote Network
- Configuring the Session Settings
- Configuring the Content Filtering to Control Access to Internet
- Configuring the MAC Filtering to Permit or Block Traffic
- Configuring the IP/MAC Binding to Prevent Spoofing
- Configuring the Attack Protection
- Configuring the Application Level Gateway
- Security Services
- VPN
- About VPN
- Configuring the Cisco IPSec VPN Server
- Configuring the Cisco IPSec VPN Client
- Configuring the Site-to-Site VPN
- Configuring the SSL VPN
- Elements of the SSL VPN
- Configuration Tasks to Establish a SSL VPN Tunnel
- Installing the Cisco AnyConnect VPN Client on User’s PC
- Importing the Certificates for User Authentication
- Configuring the SSL VPN Users
- Configuring the SSL VPN Gateway
- Configuring the SSL VPN Group Policies
- Configuring the SSL VPN Portal
- Configuring the L2TP Server
- Configuring the VPN Passthrough
- Viewing the VPN Status
- User Management
- Device Management
- Remote Management
- Administration
- SNMP
- Configuration Management
- Firmware Management
- Log Management
- Managing the Security License
- Managing the Certificates for Authentication
- Configuring the Email Alert Settings
- Configuring the RADIUS Servers
- Configuring the Time Zone
- Device Discovery
- Diagnosing the Device
- Measuring and Limiting Traffic with the Traffic Meter
- Configuring the ViewMaster
- Configuring the CCO Account
- Configuring the Device Properties
- Configuring the Debug Settings
- Troubleshooting
- Technical Specifications and Environmental Requirements
- Factory Default Settings
- Where to Go From Here
Wireless Configuration for ISA550W and ISA570W
Configuring Wireless Rogue AP Detection
Cisco ISA500 Series Integrated Security Appliance Administrator Guide 173
5
• Security: The security mode used for the selected SSID.
• Encryption: The encryption method used for the selected SSID.
STEP 7 Click Save to apply your settings.
Configuring Wireless Rogue AP Detection
A Rogue access point (Rogue AP) is any Wi-Fi access point connected to your
network without authorization. It is not under the management of your network
administrators and does not necessarily conform to your network security
policies.
A Rogue AP allows anyone with a Wi-Fi-equipped device to connect to your
corporate network, leaving your IT assets wide open for the casual snooper or
criminal hacker.
Rogue APs can be a problem even if your company does not have its own wireless
LAN. Often employees seeking to enhance their productivity will innocently install
an access point for their personal use on your network without understanding the
security risks.
The security appliance is configurable by the network administrator to provide
proactive rogue AP detection in the 2.4 GHz band. Rogue AP Detection (RAD) is
able to discover, detect, and report an unauthorized AP. You can specify an
authorized AP by its MAC address.
STEP 1 Click Wireless -> Rogue AP Detection.
The Rogue AP Detection window opens.
STEP 2 Click On to enable the Rogue AP Detection feature, or click Off to disable it.
STEP 3 After you enable Rogue AP Detection, Rogue APs detected by your security
appliance appear in the Detected Rogue AP list. Click Refresh to update the
Detected Rogue AP list.
STEP 4 To set an AP as an authorized AP, click Grant Access. The granted AP is moved to
the Known AP list.
STEP 5 The security appliance will not detect the authorized APs. You can specify the
authorized APs in the known AP list.