Cisco Cisco Aironet 350 Mini-PCI Wireless LAN Client Adapter Guia Do Desenho
4-28
Enterprise Mobility 4.1 Design Guide
OL-14435-01
Chapter 4 Cisco Unified Wireless Network Architecture—Base Security Features
Cisco Unified Wireless Security Features
Figure 4-24
Unified Wireless Rogue AP Detection
Air/RF Detection
There are two AP RF detection deployment models:
•
Standard AP deployment
•
Monitor mode AP deployment
Both deployment models support RF detection and are not limited to rogue APs, but can also capture
information upon detection of ad-hoc clients and rogue clients (the users of rogue APs). An AP that is
configured for monitor is dedicated to scanning the RF channels and does not support client association
or data transmission.
information upon detection of ad-hoc clients and rogue clients (the users of rogue APs). An AP that is
configured for monitor is dedicated to scanning the RF channels and does not support client association
or data transmission.
When searching for rogue APs, a LAP goes off channel for 50 ms to listen for rogue clients, and to
monitor for noise and channel interference. The channels to be scanned are configured in the global
WLAN network parameters for 802.11a and 802.11b/g. Any detected rogue clients and/or access points
are sent to the controller, which gathers the following information:
monitor for noise and channel interference. The channels to be scanned are configured in the global
WLAN network parameters for 802.11a and 802.11b/g. Any detected rogue clients and/or access points
are sent to the controller, which gathers the following information:
•
Rogue AP MAC address
•
Rogue AP name
•
Rogue connected client(s) MAC address
•
Whether the frames are protected with WPA or WEP
•
The preamble
•
Signal-to-noise ratio (SNR)
•
Received signal strength indication (RSSI)
221289
Si
Si
NMS
Network
Core
Core
Distribution
Access
Wireless Control
System (WCS)
Wireless LAN Controller
Auto-RRM
ARP Sniffing
RLDP
Rogue
AP
Rogue
AP
Rogue
AP
Si