Académique Documents
Professionnel Documents
Culture Documents
AirTight Networks
www.AirTightNetworks.com
What is Rogue AP
It
has been estimated that almost 20% of corporations
have Rogue APs in their networks at some time
Rogue AP on network =
(logically) LAN jack of
your network hanging
out of the premises
No!
Rogue AP
Office Premises
and LAN Attacker
Internet Firewall
No!
NAC
Rogue AP
Legitimate
user
Rogue APs over bridging laptops MAC spoofer
© 2009, AirTight Networks Inc. All Rights Reserved.
Can antivirus, wired IDS protect from Rogue AP
No!
NAC
Rogue AP
Legitimate
user
Rogue APs over bridging laptops MAC spoofer
© 2009, AirTight Networks Inc. All Rights Reserved.
So what protects network from Rogue APs
No!
Several
Rogue AP types are undetectable by wire side only
scanning, examples:
• Bridging APs on a subnet inconsistent with their wired IP
address (default configuration)
• Soft APs
• Router (NAT) APs with cloned wire side MAC address
See http://blog.airtightnetworks.com/rogue-ap-detection-
pci-compliance/ for more details
Rogue
Connected to
AP
my network
© 2009, AirTight Networks Inc. All Rights Reserved.
What is key technology enabler for accurate auto-
classification
WIPS Sensor
Rogue AP