Proxim AP-2000 manual Rogue Access Point Detection RAD, RAD Configuration Requirements

Models: AP-2000

Performing Advanced Configuration

Rogue Access Point Detection (RAD)

The Rogue AP Detection (RAD) feature provides an additional security level for wireless LAN deployments. It detects rogue Access Points by using the coverage of the trusted Access Point deployment.

The Rogue AP Scan employs background scanning using low-level 802.11 scanning functions for effective wireless detection of Access Points in its coverage area with minimal impact on the normal operation of the Access Point.

The RAD feature can be enabled on an Access Point via its HTTP, CLI, or SNMP interfaces. The scan repetition duration is configurable. If the Access Point uses directional antennas to provide directional coverage, the interface bitmask can be configured to maximize the scanning coverage area. The Access Point periodically scans the wireless network and reports all available Access Points within its coverage area using SNMP traps. For additional reliability, the results are also stored on the Access Point in a table that can be queried via SNMP. The scan results provide the BSSID and channel number of each detected Access Point.

The RAD scan is done on a channel list initialized based on the regulatory domain of the device. The RAD Scan then performs background scanning on all the channels in this channel list using 802.11 MAC scanning functions. It will either actively scan the network by sending probe requests or passively scan by only listening for beacons. The access point information is then gathered from the probe responses and beacons.

To minimize traffic disruption and maximize scanning efficiency, the RAD feature employs an enhanced background-scanning algorithm and uses the CTS to Self mechanism to keep the clients silent. The scanning algorithm allows traffic to be serviced between each channel scan. Before the start of every scan (except the scan on the working channel), the CTS to Self mechanism is used to set the NAV values of clients to keep them silent during the scanning period. In addition, the scan repetition duration can be configured to reduce the frequency of RAD scan cycles and so maximize Access Point performance.
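RAD reports every Access Point in range, so the management station still has to decide which of them are rogue. The following added example (not part of the Proxim manual) compares collected BSSID and channel pairs against an inventory of trusted Access Points. The inventory, the reporting AP names and the sample rows are constructed, and flagging a trusted BSSID seen on an unexpected channel is an assumption of this example.

```python
import re
from collections import defaultdict

# Constructed inventory of trusted APs: BSSID -> channel it is configured to use.
TRUSTED = {"02:00:00:00:00:01": 1, "02:00:00:00:00:02": 6}

# Constructed rows, as a management station might collect them from several
# APs' RAD result tables: (reporting AP, BSSID, channel).
SAMPLE_RESULTS = [
    ("ap-lobby", "02-00-00-00-00-02", 6),
    ("ap-lobby", "0200.0000.0001", 1),
    ("ap-lab", "02:00:00:00:00:01", 11),   # trusted BSSID, unexpected channel
    ("ap-lab", "02:00:00:00:0B:AD", 6),    # not in the inventory
    ("ap-lobby", "02:00:00:00:0b:ad", 6),  # same AP, reported by a second scanner
]

def normalize_bssid(raw):
    """Return the BSSID as lowercase colon-separated hex, or raise ValueError."""
    digits = re.sub(r"[:\-.]", "", raw.strip())
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        raise ValueError(f"not a 48-bit BSSID: {raw!r}")
    digits = digits.lower()
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def classify(results, trusted):
    """Merge reports per (BSSID, channel) and label each one."""
    seen = defaultdict(set)
    for reporter, raw_bssid, channel in results:
        seen[(normalize_bssid(raw_bssid), int(channel))].add(reporter)
    findings = []
    for (bssid, channel), reporters in sorted(seen.items()):
        if bssid not in trusted:
            status = "rogue"             # unknown BSSID: investigate
        elif trusted[bssid] != channel:
            status = "channel-mismatch"  # assumption: may be a spoofed BSSID
        else:
            status = "trusted"
        findings.append({"bssid": bssid, "channel": channel,
                         "status": status, "seen_by": sorted(reporters)})
    return findings

if __name__ == "__main__":
    for f in classify(SAMPLE_RESULTS, TRUSTED):
        if f["status"] != "trusted":
            print(f"{f['status']:17}{f['bssid']} ch{f['channel']} "
                  f"seen by {', '.join(f['seen_by'])}")
```

The list of reporting Access Points for a rogue entry indicates roughly where in the coverage area to look for it.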

RAD Configuration Requirements

The RAD feature can be configured/monitored via the HTTP, CLI, or SNMP management interfaces. The following management options are provided:

The RAD feature can be enabled or disabled.

The repetition interval of RAD can be configured.

The interface on which RAD can operate can be configured.

SNMP Traps are sent after completion of a RAD scan cycle and also whenever a new Access Point is detected.

Figure 4-18 Example Rogue AP Detection Deployment (diagram labels: Trusted AP, Rogue AP, Management Station)

Additionally, the RAD scan results are maintained in a table that can be queried via SNMP. The system administrator has to enable RAD on the Access Points in the wireless network and also configure the Trap Host on all these Access
