|Rogue Detection is a useful tool that I use often. First devices get "discovered" by various scans, then utilizing all the host information displayed by OpUtils you can classify the host as either Trusted, Guest, or Rogue. If you classify the host as rogue you can block the device right from the Rogue Detection tool.|
|- Carl Vonhassel, State of Connecticut Judicial Branch|
OpUtils periodically scans the routers and subnets to detect any new systems/devices found in the network. Initially it lists all the systems/devices discovered in the network. The Administrator has to verify and mark all the valid systems/devices in the network. During subsequent scans, if any new device/system is detected in the network, it get listed. This includes all types of devices like desktops/laptops (wired), mobile users (wireless), routers, switches, etc.
Initially, OpUtils will list all the discoverd systems. The Administrator has to verify and mark all the valid network systems/devices as Trusted. The systems/devices that are marked as trusted will not be shown as rogue again.
When an unauthorised rogue system is found in the network, the Administrator can mark them as a Rogue Device and take appropriate action.
There might be situations where there is a need to allow certain systems to access the network resources for a temporary period. For example, a personnel from a different branch visits your office for a month or a student enrolled for a semester need to be given access till he/she completes the semester. In such cases, the administrators can specify a period till which a particular system need to be considered as valid. Devices that are allowed guest access can any time be moved into allowed or rogue list. The administrators will also be notified when the allowed period expires.
The administrators are notified about unauthorised access as soon as it is detected. When combined with Switch Port Mapping, it also provides the details of the switch and port through which the rogue system is accessing the network. The switch port can be blocked or unblocked from within OpUtils. This enables them to act quickly in blocking the access.
OpUtils notifies the administrators about the detection of any unauthorised network access instantly. The notification can be through email and or by playing a sound. Email notifications can be effected to multiple persons.