The short answer is don’t do this. The longer answer is the FCC frowns on rogue 
mitigation:
https://nakedsecurity.sophos.com/2015/08/19/fcc-fines-company-750000-for-disabling-conference-hotspots/
Look at the notice from the FCC down about ½ the page.


Thomas Carter
Network & Operations Manager / IT
Austin College
900 North Grand Avenue
Sherman, TX 75090
Phone: 903-813-2564
www.austincollege.edu<http://www.austincollege.edu/>

From: The EDUCAUSE Wireless Issues Community Group Listserv 
<WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> On Behalf Of Sidharth Nandury
Sent: Monday, October 28, 2019 10:34 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Aruba Wireless - IDS: Protect-SSID

All,

We have been asked to look into rogue WAP detection and mitigation. We are an 
Aruba shop for wireless and are running v6.5.4.12. After doing some research 
and looking at Airheads posts, it lead to me a configuration called "Protect 
SSID" in the IDS profile. Though I have successfully tested this in a lab 
environment and it seems to be "protecting" valid SSID's (ones that I have 
configured), I am a little apprehensive about simply turning this on due to the 
ramifications that it might cause.

I am wondering if anyone here has used this setting to help with mitigating 
rogue SSID broadcasts and protecting your clients connecting to these rogue 
WAPs. I would also love to hear about any pitfalls with turning this on, and 
any other gotchas that I might need to keep in mind other suggestions about 
rogue WAP detection and mitigation, I would love to hear them. Please feel free 
to reach me off this list if you wish.

Please let me know if any additional information is needed on my end. Thank you 
for your time.

Regards,
Sid

--
[Denison University 
Logo]<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fdenison.edu&c=E,1,3SbNFzUhQ1cH6_YJ_S_MgdUv2bQAdcJE20ihzEFSulcA0CnvyieJIGu9ddNCYI_GLMy3AeMp5gwCHqsuqX7y9OwV8bxgkwk9opmVKUTS&typo=1>

Sidharth S. Nandury
Network Engineer
Information Technology Services

100 West College Street, Granville, OH 
43023<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fdeniso.nu%2f2qF6h7M&c=E,1,V2G7R1vyiWtcQB3ly-PYWUU7J291jCALtZFeYgmVv7l6iR94Bj0GCw4pPxgnV9rzPPH5KQbHIsZ86gYOQYd220ayxc-jaIweLjo63_CGS2XiXalaq6Q3ABGJ&typo=1>
 | Fellows 
003C<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fdenison.edu%2fmap&c=E,1,6MitBRcDdjxKiLUIU8aEWs_xpSvvxfkXvM3JRSDnEQbhnszUrJ7-F8fgTWsTq6b6Oj2VtrycdyDJ-9o_dPzhBisePSMH5rwoNy2P-FlEB4eMgrpeKQ,,&typo=1>
Office: 740-587-5533 | Mobile: 516-314-4413
nandu...@denison.edu<mailto:nandu...@denison.edu>
https://denison.edu/campus/technology<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fdenison.edu%2fcampus%2ftechnology&c=E,1,oLheI3NnrW-G-FZl319tjZwIagvq8A0Zh9NSrzKAm6ySX_zHxtyhxT3mrGS_cc4QXV289aOvH2idRvYnktvQLg8jIr3IeldKH-qcOvJ3TWQ0PA,,&typo=1>

Please consider the environment before printing this email.

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community<https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fwww.educause.edu%2fcommunity&c=E,1,iyHWPoELYm0sy5dXaVv7Ez_A8r2zHFQyfTUG2dakocGNuhYkE7XGVKiX88z9WlqprbrBrSKw-0QXKT_H-p3EPuUwLGvjmwy83Mz98Hrscw,,&typo=1>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community 
list. If you want to reply only to the person who sent the message, copy and 
paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Reply via email to