Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
922
Views
0
Helpful
2
Replies

Soft Rogue Access Point

Go to solution
hassam991
Level 1
Level 1

‎11-29-2012 11:12 PM - edited ‎07-03-2021 11:08 PM

Hi,

I have run into a problem where I need some expert advice from people who have actually faced this issue. Many of you wireless guys might be knowing about recent emergence of "Soft Rogue Access Point" and how it can cause a nuisance to an IT administrator. As a matter of fact the windows 7 virtual AP feature can easily allow any employee to enable this feature on their laptops, so traditional security mechanism won't seem to be applicable.
I was thinking of ISE device profiling for this purpose but I am not sure if it can do any good. The only option the seems to be implementing a wIPS solution, but I wan to know if any body have actually used Cisco's or any other wIPS for this purpose and how well it works?
Regards,

Hassam

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Saravanan Lakshmanan
Cisco Employee
Cisco Employee

‎12-01-2012 05:57 AM

soft APs are harder to detect than rogue access points because the soft AP can appear as an authorized station to all wired-side network scans.

Cisco wips:-

http://www.cisco.com/en/US/docs/wireless/mse/3350/5.2/wIPS/configuration/guide/msecg_appA_wIPS.html#wp1166170

Regarding Windows soft ap I believe that your best option is to disable this via group policy and only allow clients to connect to infrastructure access point again via group policy.

Also, On all corp laptops, if possible deny permission to enable this feature

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Saravanan Lakshmanan
Cisco Employee
Cisco Employee

‎12-01-2012 05:57 AM

soft APs are harder to detect than rogue access points because the soft AP can appear as an authorized station to all wired-side network scans.

Cisco wips:-

http://www.cisco.com/en/US/docs/wireless/mse/3350/5.2/wIPS/configuration/guide/msecg_appA_wIPS.html#wp1166170

Regarding Windows soft ap I believe that your best option is to disable this via group policy and only allow clients to connect to infrastructure access point again via group policy.

Also, On all corp laptops, if possible deny permission to enable this feature

0 Helpful

Go to solution
hassam991
Level 1
Level 1
In response to Saravanan Lakshmanan

‎12-02-2012 08:46 PM

Thanks for the link. I guess throwing in a full blown MSE infrastructure seems to be the only option then with Cisco. Meanwhile tighter compliance standards, for now as you mentioned would do some good.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card