Cisco Cisco Aironet 3500i Access Point White Paper
Copyright © 2010 Miercom
Cisco CleanAir Competitive
Page 14
Rogue Devices on Non-Standard Channels
Because rogue devices can compromise the wired network by allowing “back door” access, the
access points were tested to see if they would detect such a threat.
access points were tested to see if they would detect such a threat.
We configured a Cisco AP as a workgroup bridge and placed it on Channel 36. We gave this
bridge an SSID of “Stealth” and then checked to see if it was detected.
bridge an SSID of “Stealth” and then checked to see if it was detected.
Cisco correctly identified the bridge as a rogue AP. Trapeze also correctly identified the rogue.
Motorola detected it as an “Unsanctioned BSS.” HP also detected it as a rogue and Aruba
detected the SSID of “Stealth.” Meru did not detect the rogue.
Motorola detected it as an “Unsanctioned BSS.” HP also detected it as a rogue and Aruba
detected the SSID of “Stealth.” Meru did not detect the rogue.
Virtually all APs were able to detect a rogue device placed in the network. We then wanted to
test what would happen if a rogue is configured off-channel. There are products available which
enable users to alter the center frequency of Atheros-based chipsets that are used in the
majority of Wi-Fi access points, and thereby hide them from the network. To determine if this
type of off-frequency rogue could be detected, the center frequency of our rogue was altered to
5.189GHz. We reran the test after placing it between channels 36 and 40.
test what would happen if a rogue is configured off-channel. There are products available which
enable users to alter the center frequency of Atheros-based chipsets that are used in the
majority of Wi-Fi access points, and thereby hide them from the network. To determine if this
type of off-frequency rogue could be detected, the center frequency of our rogue was altered to
5.189GHz. We reran the test after placing it between channels 36 and 40.
Cisco was able to correctly identify the rogue as “Wi-Fi invalid channel” and mapped its location.
All other vendors scanned for off-channels, but not off-frequencies. Aruba was unable to detect
the rogue at its new frequency, as were Trapeze, Motorola, HP and Meru.
All other vendors scanned for off-channels, but not off-frequencies. Aruba was unable to detect
the rogue at its new frequency, as were Trapeze, Motorola, HP and Meru.