Q: How can I eliminate rogue access points from my network?

A: To eliminate rogue access points (APs), you first need to find them. And to do that, you need to be close enough to sniff them over the air.

There are plenty of solutions for doing so. The right solution for you depends on whether the issue is such a seismic problem that you need to monitor everywhere 24/7 or whether you can periodically sweep the building.

If you need constant monitoring, you need to install additional APs in monitor mode across your site. These APs are in a constant listening mode. They will alert you to anomalies such as unapproved AP models. This type of system is called a wireless intrusion detection system (WIDS) or wireless intrusion prevention system (WIPS). The difference is that the latter actually takes steps to prevent the rogue AP from operating.

If you don't want to go to this expense or don't need this level of protection, then you can send someone out to the network location with a spectrum analyzer. This person can literally walk the corridors looking for sources of interference. You can buy a fairly inexpensive tool such as MetaGeekChanalyzer or a more sophisticated tool such as Cisco Spectrum Expert or Fluke AirMagnet Analyzer.

TAGS: Security
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.