User guide

HWC_Mitigator.fm

A31003-W1010-A100-1-7619, July 2005

HiPath Wireless Controller, Access Points and Convergence Software V3.0: User Guide

129

Mitigator: detecting rogue access points

Overview

11 Mitigator: detecting rogue access points

11.1 Overview

The Controller, Access Points and Convergence Software system includes a mechanism that

assists in the detection of rogue access points. The function is called the Mitigator.

The Mitigator feature has three components:

● a radio frequency (RF) scanning task that runs on the Wireless AP. The Wireless AP itself

functions as a scan device. Its scan function alternates with providing its regular service

the wireless devices on the network. You set up the scan parameters in the Mitigator user

interface.

● an application called the RF Data Collector (RFDC) on the HiPath Wireless Controller that

receives and manages the RF scan messages sent by the Wireless AP. The scan data

includes lists of all connected Wireless APs, third Party APs and other friendly APs and the

RF scan information that has been collected from the Wireless APs.

● an Analysis Engine on the HiPath Wireless Controller that processes the scan data from

the RFDC through algorithms that make decisions about whether a detected access point

is a rogue access point.

To use the Mitigator, you must first enable it in the HiPath Wireless Controller Configuration

area of the user interface.

In a network with more than one HiPath Wireless Controller, the analysis engine

should be active on only one HiPath Wireless Controller that communicates with the

RFDC applications running on itself and on the other HiPath Wireless Controllers on

the network. Ensure that these are all routable.