Scheduling Rogue Access Points Reporting

Rogue Access Points have emerged as one of the most serious and insidious threats to wireless security. In general terms, an access point is considered rogue when it has not been authorized for use on a network. The convenience, affordability and availability of non-secure access points, and the ease with which they can be added to a network creates a easy environment for introducing rogue access points. Specifically, the real threat emerges in a number of different ways, including unintentional and unwitting connections to the rogue device, transmission of sensitive data over non-secure channels, and unwanted access to LAN resources. So while this does not represent a deficiency in the security of a specific wireless device, it is a weakness to the overall security of wireless networks.

The security appliance can alleviate this weakness by recognizing rogue access points potentially attempting to gain access to your network. It accomplishes this in two ways: active scanning for access points on all 802.11a, 802.11g, and 802.11n channels, and passive scanning (while in Access Point mode) for beaconing access points on a single channel of operation.

To schedule a Rogue Access Point report, click the Schedule Rouge Access Point Report link located at the bottom of the Wireless > IDS page. This redirects you to the Universal Scheduled Reports > Configuration Manager page, where you can schedule the Rogue Access point report in the Policies tab. Rouge Access Point reporting is not supported at Global level, only Group and Unit levels. Refer to Using the Universal Scheduled Reports Application for details on configuring Universal Scheduled Reports.

NOTE: Wireless Rogue Access Point Reporting is supported on SonicOS Enhanced 5.6 or higher firmware.