74
Performing Advanced Configuration
Rogue Access Point Detection (RAD)
The Rogue AP Detection (RAD) feature provides an additional security level for wireless LAN deployments. Rogue AP
detection provides a mechanism for detecting Rogue Access Points by utilizing the coverage of the trusted Access
Point deployment.
The Rogue AP Scan employs background scanning using low-level 802.11 scanning functions for effective wireless
detection of Access Points in its coverage area with minimal impact on the normal operation of the Access Point.
This RAD feature can be enabled on an Access Point via its HTTP, CLI, or SNMP Interfaces. The scan repetition
duration is configurable. If the Access Point uses directional antennas to provide directional coverage, then the
interface bitmask can be configured to maximize the scanning coverage area. The Access Point will periodically scan
the wireless network and report all the available Access Points within its coverage area using SNMP traps. For
additional reliability the results are stored in the Access Point in a table, which can be queried via SNMP. The BSSID
and Channel number of the detected Access Points are provided in the scan results.
The RAD scan is done on a channel list initialized based on the regulatory domain of the device. The RAD Scan then
performs background scanning on all the channels in this channel list using 802.11 MAC scanning functions. It will
either actively scan the network by sending probe requests or passively scan by only listening for beacons. The access
point information is then gathered from the probe responses and beacons.
To minimize traffic disruption and maximize the scanning efficiency, the RAD feature employs an enhanced
background-scanning algorithm and uses the CTS to Self mechanism to keep the clients silent. The scanning
algorithm allows traffic to be serviced between each channel scan. Before start of every scan (except scan on the
working channel) the CTS to self-mechanism is used to set the NAV values of clients to keep them silent during the
scanning period. In addition, the scan repetition duration can also be configured to reduce the frequency of RAD scan
cycles to maximize Access Point performance.
RAD Configuration Requirements
The RAD feature can be configured/monitored via the HTTP, CLI, or SNMP management interfaces.
The following management options are provided:
• The RAD feature can be enabled or disabled.
• The repetition interval of RAD can be configured.
• The interface on which RAD can operate can be configured.
• SNMP Traps are sent after completion of a RAD scan cycle and also whenever a new Access Point is detected.
Figure 4-18 Example Rogue AP Detection Deployment
Additionally, the RAD scan results are maintained in a table that can be queried via SNMP. The system administrator
has to enable RAD on the Access Points in the wireless network and also configure the Trap Host on all these Access
Management Station
Trusted AP
Rogue AP