Security

Hi Guys,

I have a small technical question regarding AirWave abilities.

I have a client that asked me the following question: Can AirWave RAPIDS to identify a change in the encryption type of allowed SSID and block this SSID function in the area of coverage? (It's an Aruba Controller envrioment)

For example: Let's say I marked an SSID named "ASA" encryption type WPA-2 Personal to be allowed to work in my environment, and a few days passing and then one of the IT guys changing he encryption type to WPA-1 Personal or WEP or lower. Is the AirWave will notice & block & report about this change?

Please advise.

Thanks in advance.

Me.

Hi AirHeads  :smileyhappy:  and GoodNight,

Earlier today I got an answer from the TAC team regarding my question,so I'm sharing with you guys the answer as well:

• Regarding Aruba Controller Based Environment.

Yes, if the AP is not connected to the controller, it will be automatically detected as an interfering device and classify that AP as rogue based on the rules. However, the encryption change will not be detected by the controller, it will show us only the current encryption used by that AP

• Regarding AirWave capabilities:

> The RAPIDS is to only classify the unknown APs as rogue.

> The encryption changes can be seen using running a PCI compliance report.

> Changing the encryption type of Rogue APs could not be seen in Airwave.

Hope those answers will help other as well.

Have a happy 2013 u all.

AirHeads Rocks!