On Sun, Oct 14, 2012 at 1:59 PM, Jonathan Rogers <quantumfoam@gmail.com> wrote:
Gentlemen,
An issue has come up in my organization recently with rogue access points. So far it has manifested itself two ways:
1. A WAP that was set up specifically to be transparent and provided unprotected wireless access to our network.
2. A consumer-grade wireless router that was plugged in and "just worked" because it got an address from DHCP and then handed out addresses on its own little network.
There are wireless IDS/IPS products available that monitor not only the airspace, but the wire as well. Many of these products will also actively defend the airspace. Search for "wIDS" and/or "wIPS". Often the cost of purchasing and deploying these products is more expensive than the cost of implementing simple 802.1x port authentication though. If nothing else, set up guest wireless piped to a cheap broadband connection and create and/or enforce proper acceptable use policies on your LAN. The less you fight your users, the easier your job is. Of course all of this is dependent on the business and legal jurisdiction you are in.
-Jon