Authorized Client Connected To Rogue AP

Toll Free US: +1 888 720 9500 | Intl: +1 925 924 9500

WiFi Manager

WLAN Management

WiFi Manager is an integrated management & security solution for WLANs:

Multi-vendor/model access point monitoring and management
Easy and uniform configuration templates
Visually manage multi-site, distributed environments
Robust reporting abilitiess

Success Stories
"I am impressed with WiFi Manager's features, given its reasonable cost." - Alan Ballenberger, Siena Heights University. » Download free edition | 30-day trial

Authorized client connected to Rogue AP

WiFi Manager monitors the users and their association patter in the WLAN -

Who are using the wireless LAN.
To which Access point they are associated.
When they were associated and what was the session duration etc.,

WiFi Manager triggers this alarm when it finds a trusted user of the WLAN associated with a rogue Access point.

What does this alarm signifies ?

This alarm may signify the presence of a rogue Access point in the WLAN somewhere within the range of the mobile user.
This may also signify the presence of a new Access point which is not yet added to the authorized list.
This may also be because of a Access point in the neighbouring premises beaming signal in to the corporate LAN and the user accidentally getting associated with the same.

What will be the impact ?

If such wrong associations are triggered by hackers of the WLAN (by masquerading as authorized Access point) then they will be able to exploit such associations. They will get access to the client devices and the information in it which can later be used to gain access to the corporate LAN or to steal information from the network.

What should the WLAN Administrator do ?

They should immediately analyze the cause of the alarm and take corrective action. If the alarm is triggered by the presence of a rogue Access point then they have to take immediate steps to shut it down. Shutting down of rogue Access points can be done using the "Block AP" feature in WiFi Manager.

Intrusion Rogue Block

On the other hand if the alarm is because of the client associating itself with a new unconfigured Access point, then the administrators should take immediate to steps to configure the same in line with the corporate security policies and add that Access point to the trusted list of devices.

To add the AP to the authorized list, we can choose the AP and then Mark it as "Trusted".

If the client has associated with an Access Point from a neighboring LAN (AP that is not physically connected to your wired network but beaming its signals into your network) then you have to disassociate your client and force it to connect using the authorized SSIDs alone. You should also Mark the AP as "friendly" for WiFi Manager to stop monitoring it. You should enforce that all your authorized users should connect only using the SSIDs available in your authorized SSID list.

Adhoc Network

AP Uses HotSpot SSID

Enterprise Management & Security Products
Active Directory Management Application Monitoring Asset Management Customer SupportDesk Desktop Management EventLog Analyzer Facilities Management Firewall Analyzer Free Active Directory Tools Free Windows Tools HelpDesk Hosted Website Monitoring Service	MSP Platform Network Configuration Management Network Monitoring Network Security Scanner Patch Management Password Management Self-Service Password Management Storage Management Software Switch Port & IP Address Management Traffic Analysis & Network Forensics VoIP Monitoring WiFi Manager

Features

White Papers

Forums |

Blogs

View All Forums

	AdventNet, Inc. All rights reserved. Trademarks \| Privacy Policy \| Site Map \| Contact Us \| Careers \| Tell Us