Wireless Access

Hi,

 

We have a huge setup of Aruba across with different controllers and APs. We keep seeing to many Rogues and suspected Rogues in Airwave based on the classification rules in RAPIDS. All our controllers are 6.3.1.5 and above. We are not using RF protect license.

 

My questions are:

How do I contain these rogue APs? is it possible without RF protect license to contain in anyway these Rogues?

If we purchase RF protect license will we be able to contain rogues without dedicated AMs? will the IDS profile settings apply without the WIPS license?

 

Appreciate your suggestions, this is becoming a concern for us.

 

Thanks

Can you define contain for us?

Rogue is often an overused term. A rogue is only one that is plugged into your network and is the only one you can legally take action on.

Sent from Nine<>

Hi,

 

Yes, that is what I understand as a rogue. In Airwave RAPIDS we have setup Rule for rogue classification which has LAN and WLAN for detection. By contain I mean I want to stop the device from connecting on our network.

 

On the controller if i select a AP classified as Rogue and manually contain it, what happens to the Rogue? even without WIPS are deauth frames sent to the Rogue AP? will it stop the Rogue getting on the network?

 

Thank you guys for your time and suggestions.

 

Regards,

 

 

You would need to physically disconnect the device or shut the switchport down.

Hi,

 

Without RF protect license we can detect the rogues and we can do basic containment but inorder to define customised rogue classification rules and other containment methods RF protect license is mandatory  

 

Rogue detection and containment can be done without a dedicated AM also.

 

For ref :

 

Bellow is the snapshot of a controller without RF protect license.

 

Here under we can list all the rogues classified by the controller and we can contain mannually.

 

 

Hope got more clarity on this,

 

Please feel free for any further assistance on this.