All, We have been asked to look into rogue WAP detection and mitigation. We are an Aruba shop for wireless and are running v6.5.4.12. After doing some research and looking at Airheads posts, it lead to me a configuration called "Protect SSID" in the IDS profile. Though I have successfully tested this in a lab environment and it seems to be "protecting" valid SSID's (ones that I have configured), I am a little apprehensive about simply turning this on due to the ramifications that it might cause.
I am wondering if anyone here has used this setting to help with mitigating rogue SSID broadcasts and protecting your clients connecting to these rogue WAPs. I would also love to hear about any pitfalls with turning this on, and any other gotchas that I might need to keep in mind other suggestions about rogue WAP detection and mitigation, I would love to hear them. Please feel free to reach me off this list if you wish. Please let me know if any additional information is needed on my end. Thank you for your time. Regards, Sid -- [image: Denison University Logo] <https://denison.edu> *Sidharth S. Nandury* *Network Engineer* Information Technology Services 100 West College Street, Granville, OH 43023 <https://deniso.nu/2qF6h7M> | Fellows 003C <https://denison.edu/map> Office: 740-587-5533 | Mobile: 516-314-4413 [email protected] https://denison.edu/campus/technology *Please consider the environment before printing this email.* ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
