We are revisiting this at the moment. At this stage we won’t be worrying about the interference side so are looking more at security. So anything advertising our SSID’s and any devices on wired that offer open auth will be first targets. Then potentially onto all other wired devices offering networks (they should be using the enterprise network). It’s doubtful we’ll go much further than that but the plan is still developing.
Interfering devices will be targeted if they are found to be causing major problems, but there’s just too many rogues to go out there trying to track them all down. -- Jason Cook The University of Adelaide, AUSTRALIA 5005 Ph : +61 8 8313 4800 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Watters, John Sent: Saturday, 27 February 2016 2:20 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] Rogue AP's We are a Cisco shop that uses the Airwave AMPs for management. We let the AMPs contain the rogues. It works reasonably well and certainly beats trying to it do it manually on the controllers. Right now we are seeing 2,279 rogues on our campus with the biggest category being HP printers. We do have a policy that tells folks not to do this. But, there is really no penalty to them for ignoring the policy. On a related note our legal folks are considering whether to let us continue to try to contain rogues on campus. Has any other campus been told not to do rogue containment? -jcw [UA Logo] John Watters The University of Alabama Office of Information Technology 205-348-3992 From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Tim Tyler Sent: Friday, February 26, 2016 8:40 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: [WIRELESS-LAN] Rogue AP's Wireless managers, {cross referenced with NETMAN} I am wondering if anyone has found an automatic way to block rogue AP’s on your network. I know I can get a report from Airwave on rogue AP’s, but it seems like it would be time consuming to go after each of them individually. I am curious how some of you handle this. Do you have a method for blocking them? Also, there are other products beginning to broadcast their own ssid as well including printers, connectify, etc. How do you handle them? Do you even have policy restricting those from your network? Tim Tyler Network Engineer Beloit College ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.