Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Keep Wi-Fi rogues under control

Without shutting down Starbucks hotspots.

Article comments

It’s critical to scan the 2.4 GHz and 5 GHz airwaves across all 802.11a/b/g Wi-Fi channels (both local and international ones) to detect “rogue” devices in your Wi-Fi network. Among the situations you will likely want to quash:

  • Unauthorised Wi-Fi access points (AP) connected to your network.
  • Authorised Wi-Fi client devices mistakenly associating to an unauthorised AP.
  • Unauthorised Wi-Fi clients connecting to your own authorised APs.

With a wireless intrusion detection and prevention system (WIDP), you define a rogue by your own organisation’s policy and program the system how to treat one if discovered. The various available WIDP systems can detect differing variables about devices in your airspace.

Some considerations

  • Does your WIDP system classify clients? If not, it will be difficult to spot and fix one of your authorised client devices associating to a rogue AP.
  • Can your WIDP system tell if an unauthorised device is attached to your wired network? Those from AirDefense, AirTight Networks, Aruba Wireless Networks and Network Chemistry are among those that can. There are others that detect all APs and report any unknown ones as rogue (connected or not). It isn’t necessarily sound policy to auto-contain these devices, as they could belong to another legitimate operator.
  • In many enterprises, APs supporting “Draft 802.11n” technology will be considered rogue until a standard is ratified. Can your WIDP system identify and categorise them?

Other tips

  • Security staffs should work with their internal legal counsel to set up wireless intrusion policies, says Brian de Haaff, vice president of marketing at Network Chemistry. “Make sure you have a written policy on what [devices] you will shield and what you won’t. Make that policy well-known through the organisation.”
  • Find out whether your WIDP system ships with auto-containment enabled or disabled. From there, determine how or if to tweak the default settings to match your policy. Mike Puglia, Bluesocket senior director of product marketing, discourages automatically blocking rogues. Bluesocket and Network Chemistry WIDPs are among those that ship with auto-containment off.
  • Determine what to do with devices that have been detected but are as yet uncategorised. Sri Sundarilingam, director of product management at AirTight, says the many minutes it can take to categorise an active device could present a security risk. Some AirTight defense customers in fairly isolated locations automatically disable not only devices proven to be violating policy but those uncategorised as well. The probability is high that these uncategorised devices will prove to be rogue, he says. However, the same assumptions shouldn’t be made in a multi-tenant building or other crowded setting.


More from Techworld

More relevant IT news


Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *