12-1
v1.0, June 2007
Chapter 12
Configuring Wireless Intrusion Protection
This chapter outlines configuring various wireless intrusion protection features. The topics
covered are:
• “Rogue/Interfering AP Detection” on page 12-1
• “Misconfigured AP Detection” on page 12-5
Rogue/Interfering AP Detection
The most important intrusion protection functionality offered in the WFS709TP ProSafe Smart
Wireless Switch system is the ability to classify an access point as either a rogue AP or an
interfering AP. An AP is considered to be a rogue AP if it is both unauthorized and plugged into
the wired side of the network. An AP is considered to be an interfering AP if it is seen in the RF
environment but is not connected to the wired network. While the interfering AP can potentially
cause RF interference, it is not considered a direct security threat.
You can enable a policy to automatically disable APs that are classified as rogue APs by the
system. When a rogue AP is disabled, no wireless stations are allowed to associate to that AP.
Refer to “Configuring Rogue AP Detection” on page 12-4 for details on how to configure Rogue
AP detection, classification, and containment.
You can manually reclassify an interfering AP. Refer to “Classifying APs” on page 12-2 for details
on how to change the classification of an AP.