02-07-2013 07:16 AM
Probably one for the security junkies here. Been a while since I saw a customer buy a WIP(RFP) license!
Consider RAPs, and in this case, a customer has an RFP license obviously.
My theory here is that I want RFP on the campus (configure that in detail later), but NOT on their RAPs. This is obviously because we want to avoid detecting rogues in user homes, ad-hocs in user homes etc. That's not really any of our business what they're doing! So as far as I can see, the best way to achieve this is by applying an unauthorized-device-profile into the ap-group, that has everything turned off, thus...
ids unauthorized-device-profile "detection-disabled"
Anybody care to suggest a flaw in this plan or thinking? Assume the corporate laptop at home is locked down by AD.
03-01-2013 10:01 AM
Have you got Airwave? If so, you can ignore Rogues from remote-aps.
By disabling that profile, wouldn't it affect the ability to discover those IDS events at the campus level?
Unless you have a specific AP group for Campus and 1 for RAPs, at which point you can configure an IDS profile for the campus and do what you suggested for the RAP AP Group.
ACDX #420 | ACMP