Ask the Expert

Should a network be regularly checked for rogue access points?

How often should an average enterprise network be checked for rogue access points?

    Requires Free Membership to View

First, you need to determine how long you can tolerate a rogue access point on your network. As you probably know, rogue APs may permit unauthorized access to your network. You need to sit down and think about two questions:

  • How long can you tolerate a rogue AP remaining on your network from the time it becomes active? If you can't tolerate a rogue access point for more than a day, you should check for rogue APs on a daily basis. If you can tolerate a longer delay, you can spread out your checks to a longer interval.
  • How likely is it that someone with access to your facility will set up a rogue AP? If it's extremely unlikely, you may be able to reduce the frequency of your wireless scans.

That's assuming, too, that you're using the poor-man's approach to rogue AP detection: simply walking around your facility using a tool like NetStumbler, a product used for periodic detection and identification of wireless networks.

If you're concerned about rogue APs and have money to invest in a tool, you might want to try a centralized rogue AP detection product, such as the RAPIDS module available from AirWave Wireless Inc. These tools use an organization's existing access points to search for and report rogue APs on the network. If you implement this type of centralized detection of unauthorized access points, you won't need to worry about periodic checks; the system will monitor the network continuously and alert you immediately when a new AP pops up on the airwaves.

More information:

  • Learn how to search for rogue access points.
  • Ed Skoudis explains the evolving threat of WiPhishing.
  • This was first published in July 2007

    There are Comments. Add yours.

     
    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to: