- How long can you tolerate a rogue AP remaining on your network from the time it becomes active? If you can't tolerate a rogue access point for more than a day, you should check for rogue APs on a daily basis. If you can tolerate a longer delay, you can spread out your checks to a longer interval.
- How likely is it that someone with access to your facility will set up a rogue AP? If it's extremely unlikely, you may be able to reduce the frequency of your wireless scans.
That's assuming, too, that you're using the poor-man's approach to rogue AP detection: simply walking around your facility using a tool like NetStumbler, a product used for periodic detection and identification of wireless networks.
If you're concerned about rogue APs and have money to invest in a tool, you might want to try a centralized rogue AP detection product, such as the RAPIDS module available from AirWave Wireless Inc. These tools use an organization's existing access points to search for and report rogue APs on the network. If you implement this type of centralized detection of unauthorized access points, you won't need to worry about periodic checks; the system will monitor the network continuously and alert you immediately when a new AP pops up on the airwaves.
Dig Deeper on Network Access Control technologies
Related Q&A from Mike Chapple
It's not possible to eradicate the risk of DoS attacks, but there are steps infosec pros can take to reduce their impact. Mike Chapple shares ...continue reading
The HHS OCR ruled that healthcare ransomware attacks are HIPAA violations, so these covered entities need to react according to the HHS's guidance. ...continue reading
HIPAA regulations incorporate NIST guidelines and standards, so do healthcare organizations need to be compliant with both? Expert Mike Chapple ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.