RADAR passive scans for rougue access points

  • 0
  • 1
  • Question
  • Updated 3 years ago
  • Answered
  • (Edited)
Hi,
assume an access point (AP37xx,Ap38xx) is configured with an in-service-scan profile and has the option "rogue AP detection" enabled. The access point forwards user packets on Channel 1 (2,4 GHz).

Will the access point detect rogue access points on other channels than Channel 1?

I know that prevention countermeaseures will only work on channel 1 but im curiuos about detection.
Photo of htw

htw

  • 1,144 Points 1k badge 2x thumb

Posted 3 years ago

  • 0
  • 1
Photo of Paulo Francisco

Paulo Francisco, Employee

  • 1,462 Points 1k badge 2x thumb

HI Arndt,

When in-service the AP does not change channels for assessment or countermeasures. As such, In-service AP will only detect threats in its own channel of operation (Channel 1 in this case).

For more extensive off-channel detection the recommendation would be to deploy an AP in Guardian mode.

Paulo

Photo of James A

James A, Embassador

  • 6,510 Points 5k badge 2x thumb
Is there a design guide for deploying APs in Guardian mode? I'm about to replace a bunch of 3710s with 3825s and have bought some Radar licenses so I can redeploy the old APs for dedicated scanning.
Photo of Doug Hyde

Doug Hyde, Technical Support Manager

  • 20,136 Points 20k badge 2x thumb
No design guide that I know of. Typically I think we suggest a 5 ap to 1 Guardian model, you want the Guardian to be in listen range of your access points. 
Photo of James A

James A, Embassador

  • 6,510 Points 5k badge 2x thumb
That's a good starting point, thanks.