Scanning Access Points

Topics:

•	Active Scanning and Scanning All

•	Scanning SonicPoint by SonicPoint

Active Scanning and Scanning All

Active scanning occurs when the security appliance starts up. You can also scan access point at any time by clicking Scan All… on the SonicPoint > IDS page. When the security appliance performs a scan, the wireless clients will be interrupted for a few seconds. The scan will effect traffic in the following ways:

•	Non-persistent, stateless protocols (such as HTTP) should not exhibit any ill-effects.

•	Persistent connections (protocols such as FTP) are impaired or severed.

•	WiFiSec connections should automatically re-establish and resume with no noticeable interruption to the client.

CAUTION: Clicking Scan All will cause all active wireless clients to be disconnected while the scan is performed. If service interruption is a concern, it is recommended that you do not click Scan Now while the SonicWALL security appliance is in Access Point mode. Wait until there are no clients active or a short interruption in service is acceptable.

Scanning SonicPoint by SonicPoint

You can also scan on a SonicPoint-by-SonicPoint basis, as follows:

1	Select the SonicPoint to view in the SonicPoint: drop-down menu.

2	Click the drop-down menu for --Perform SonicPoint Scan--.

 

 

NOTE: Depending on which SonicPoint model you are using, the following options can be displayed.

•	Scan Both Radios

•	Scan 802.11a Radio (5GHz)

•	Scan 802.11g Radio (2.4GHZ)

•	Scan 802.11n Radio (5GHz)

•	Scan 802.11n Radio (2.4GHZ)

Wireless Rogue Device Detection and Prevention

The SonicPoints can be configured in dedicated sensor mode to focus on rogue device detection and prevention, either passively or proactively on both the 2.4GHz and 5GHz bands. Both bands can be scanned even if only one is in use. The rogue device can be analyzed to report whether it is connected to the network and if it is blocked by a wired or wireless mechanism.

1	Navigate to the SonicPoint > IDS page

2	Click the drop-down menu for --Perform SonicPoint Scan--.

3	Select the type of scan to perform, for example, Scan Both Radios. A pop-up message warns that performing the scan will cause all current wireless clients to be disconnected.

4

Click OK.

Authorizing Access Points

Access Points that the security appliance detects are regarded as rogue access points until the security appliance is configured to authorize them for operation.

To authorize an access point, perform the following steps:

1	Click the Edit icon in the Authorize column for the access point you want to authorize. A pop-up is displayed.

2

Click OK.

You can verify that authorization was successful by checking the address object was created.

1	Navigate to the Firewall > Address Objects page.

2	Click the Configure icon for All Authorized Access Points.

3	Verify that the access point’s MAC address has been added.

4

Click OK.