Cisco Cisco 5508 Wireless Controller Referencia técnica
5
Rogue Management in a Unified Wireless Network using v7.4
Rogue Management Theory of Operation
Rogue Management Theory of Operation
Rogue Detection
A rogue is essentially any device that is sharing your spectrum, but is not in your control. This includes
rogue Access Points (APs), wireless router, rogue clients, and rogue ad-hoc networks. The Cisco UWN
uses a number of methods to detect Wi-Fi-based rogue devices including off-channel scanning and
dedicated monitor mode capabilities. Cisco Spectrum Expert can also be used to identify rogue devices
not based on the 802.11 protocol, such as Bluetooth bridges.
rogue Access Points (APs), wireless router, rogue clients, and rogue ad-hoc networks. The Cisco UWN
uses a number of methods to detect Wi-Fi-based rogue devices including off-channel scanning and
dedicated monitor mode capabilities. Cisco Spectrum Expert can also be used to identify rogue devices
not based on the 802.11 protocol, such as Bluetooth bridges.
Off-Channel Scanning
This operation is performed by Local mode and FlexConnect (in connected mode) APs and utilizes a
time-slicing technique that allows client service and channel scanning using the same radio. By going
off channel for a period of 50ms every 16 seconds, the AP, by default, only spends a small percentage of
its time not serving clients. Also, note there is a 10ms channel change interval that will occur. In the
default scan interval of 180 seconds, each 2.4Ghz FCC channel (1-11) is scanned at least once. For other
regulatory domains, such as ETSI, the AP will be off channel for a slightly higher percentage of time.
Both the list of channels and scan interval can be adjusted in the RRM configuration. This limits the
performance impact to a maximum of 1.5% and intelligence is built into the algorithm to suspend
scanning when high-priority QoS frames, such as voice, need to be delivered.
time-slicing technique that allows client service and channel scanning using the same radio. By going
off channel for a period of 50ms every 16 seconds, the AP, by default, only spends a small percentage of
its time not serving clients. Also, note there is a 10ms channel change interval that will occur. In the
default scan interval of 180 seconds, each 2.4Ghz FCC channel (1-11) is scanned at least once. For other
regulatory domains, such as ETSI, the AP will be off channel for a slightly higher percentage of time.
Both the list of channels and scan interval can be adjusted in the RRM configuration. This limits the
performance impact to a maximum of 1.5% and intelligence is built into the algorithm to suspend
scanning when high-priority QoS frames, such as voice, need to be delivered.