Managing Wireless Networks
EPICenter Concepts and Solutions Guide
126
Detecting Rogue Access Points
Rogue access points (APs) occur when someone other than your network administrator connects an AP
to your enterprise network. Because APs are inexpensive and simple devices, this is not an uncommon
occurrence in an enterprise network. These rogue APs are a security breach that may open your
network to intruders anywhere within range of the rogue AP. You must detect and remove these rogue
APs to ensure a secure enterprise network.
Rogue AP detection works by detecting other APs broadcasting on the in-service channel. APs that are
not known (managed) Extreme APs or already in the Safe AP list, then the AP is listed as a rogue.
Rogue AP detection can also scan periodically on the out-of-service channels if that capability is enabled
in the Extreme switch. Refer to the Extreme Networks software guide appropriate for your switch for
configuring this capability. You can add non-Extreme APs to the Safe AP list to keep them from being
marked as Rogue APs.
APs are marked as rogues in Extreme Networks switches by detecting when a new AP shows up on the
network that does not appear in the list of authorized APs. The Rogue AP Report in EPICenter lists
these unauthorized APs and gives details on the AP model, operating characteristics, and the interface
that detected the rogue AP.
Enabling Rogue Access Point Detection
You must configure EPICenter to enable rogue AP detection. To do this, you configure authorized APs
using the Safe AP MAC Address List. The Safe AP Mac List shows the list of MAC addresses that
belong to Access Points that have been determined to be legitimate and added to this list. If you are an
Administrator (with the Administrator role) you can also manage the list of safe MAC addresses
through this page, by importing lists of MAC addresses or deleting the list. You can add individual
MAC addresses to this list either through importing a list of safe MAC addresses, or by adding
individual MAC addresses to the safe list.
Import Safe MAC Address List
To import a safe MAC address list, you must have write access privileges to EPICenter and follow these
steps:
1 Click on the Reports button in the EPICenter Navigation bar and select the Safe AP MAC List.
2 Use the Browse button to browse your local system for the safe MAC address list you want to
import.
The input list is simply a text file with MAC address and optional description, separated by a
comma, with one MAC address per line.
3 Click Submit to upload the selected safe MAC address list.
Adding Individual Devices to the Safe List
To add any AP that appears in the Wireless Rogue AP Report into the Safe AP MAC Address List,
follow these steps:
1 Click on the Rogue AP MAC address in the Wireless Rogue AP Report that you want to add to the
safe AP MAC address list. This opens the Rogue Access Point Detail Report.
2 Verify that this is a properly configured AP that you want to add to your safe list.
To Next Page
Loading...
Need help?
General
