Is Rogue Detection Causing You Problems? | Wyebot

Is Rogue Detection Causing You More Problems than it Solves?

March 14, 2019

Most wireless LAN controllers have a functionality referred to as IDS/IPS (intrusion detection system/intrusion prevention system).  The IDS monitors a network and sends alerts to administrators if there is an attack while the IPS goes a step further and automatically takes action to prevent attacks.  Using the functionality, Access Points (APs) can be programmed to actually attack rogue APs.  For example, if someone sets up a hotspot near the AP, the AP can send certain frames to try and knock the hotspot off the network.  While this initially seems helpful, if the rogue device is not a malicious type it can actually cause bigger problems for the network.  The frames sent by the AP take up airtime and increase the traffic on the network.  This can cause other network-connected devices to experience poor quality of service.  In effect, in trying to knock off the rogue device, the AP can cause more disruption than if the device was left alone.

Without a holistic look into a network’s operations, consumers might not know that rogue detection is behind complaints that the wireless isn’t working, or is performing slowly.  Using The Wireless Intelligence Platform™ (WIP), our clients can see if the IDS/IPS functionality is enabled, and how much airtime rogue detection/prevention is taking up.  In addition, WIP proactively identifies possible degradation, automatically provides actionable steps for prevention/improvement, and clearly displays any intrusion activity on the network and the effect on network security and quality of service.  Complete wireless ecosystem visibility is the only way to truly know how the network is operating, and what should be done to enhance it.