Controllerless Networks

Reply
Highlighted
Occasional Contributor II

Airwave + IAP rouge containment

Hello 

 

My boss asked about what we can do about true rouge AP 

1. we can detect with the IDS rules, I have this working on our entire deployment 

2. in our LAB I want to test that if our ssid test-123 and some set "test-123" or similar we can do a Manual contain (for example test-456 should alert)

3. I have my phone doing a fake "test-123" or "test-456"

 

Air wave detected as a rouge, i manually set to "contain" 

 

however nothing happens devices can connect to it no issue 

 

I have the IDS settings set up on the IAP config via airwave as well i have tri Tarpit invlaid and all 

 

but still nothing i'm not sure if i'm missing a step or if this a controller only thing 

as a side note i have IAP in my house (no airwave) and I cannot get them to block ether. 

 

we have a pen test coming and i would really like this to work 

Frequent Contributor II

Re: Airwave + IAP rouge containment

Hello Andrew,

 

We will work with you on this by creating a case, basically TAC needs to test this out in-house or work with IAP engineers, to see if the containtment is happening correctly, from IAP's. i have your email, i will create a case to work with you.

-If you got what you need with my answer please give kudos and mark it as solution.
Occasional Contributor II

Re: Airwave + IAP rouge containment

Thank you plese let me know the results. 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: