ManageEngine™ WiFiManager 5
<< Prev	Chapter-5.5 - How to Detect Rogue APs	Next >>

Rogue Detection

WiFi Manager has the capabilities to detect unauthorized APs or mobile users in the network. To detect these rogue devices, you need to maintain the authorized MAC list/vendor list/SSID list in the Rogue detection option. Based on these authorized values, WiFi Manager detects the presence of unauthorized devices in the network . This it does with the use of multiple rogue detection techniques like SNMP, AP scan, HTTP and WMI,for Rogue Detection.

Import the authorized MAC list for rogue detection

Under the Rogue Detection feature, there is provision to maintain a list of MAC addresses as Trusted MACs in WiFi Manager. Whenever a new Access Point/Mobile unit is added for discovery, its MAC is compared to the Trusted List of MACs that is maintained. Those MACs which do not match the trusted list, are detected as Rogue APs/Clients.

The Import from CSV file is useful in this case. Here, you can maintain the list of MACs in a CSV file and easily import these details into the Trusted AP list.

To be able to import the details of the CSV file in this feature, the format of the CSV file is given below:

Note:The Mac Address should be given as the first column in each row of device details.

MAC Address,----------,-----------,---------,---------

Rogue Detection based on MAC

To configure the rogue detection settings, follow the procedure given below:

Select Admin tab
Choose Rogue Detection option in the left hand side.
Fill in the MAC address of your access point or mobile unit (which you want to be identified as a authorized device) and click ADD. [Note: Marking the device as TRUSTED from the inventory tab also has the same effect.]
Click Save to finish.

Rogue Detection based on SSID

Select Admin tab
Choose Rogue Detection option in the left hand side.
Fill in the SSID (which you want to be identified as a authorized SSID) and click ADD. [Note: All devices using this SSID will be assumed as authorized devices.]
Click Save to finish.

Rogue Detection based on Vendor

Select Admin tab
Choose Rogue Detection option in the left hand side.
Choose the vendor name from the list or input the vendor's OUI and click add. All devices with this OUI will be assumed to be authorized devices. [Refer note below for details on what a OUI is.]
Click Save to finish.

Rogue Detection based on Channels

Select Admin tab
Choose Rogue Detection option in the left hand side.
Choose the channel, which you want to be marked as authorized, and click add. All devices operating in this channel will be assumed to be authorized devices.
Click Save to finish.

<< Prev	How to Detect Rogue APs	Next >>
Configure-APs		Configure ACL