Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1903
Views
10
Helpful
1
Replies

Monitor mode VS Rogue detector mode

ccnaluna93
Level 1
Level 1

‎04-11-2020 12:32 AM - edited ‎07-05-2021 11:55 AM

Hello, 

As you know lightweight APs can be configured in several special-purpose modes, one of them is the Monitor Mode which provide us rogue AP detection, but on the other hand we have Rogue Mode which seems to have the same ability ... so why would we use Rogue Mode if we have the same ability with Monitor Mode?

 

I don't know if there is something deeper that I'm missing but I have this doubt after studying both concepts in CCNA 200-301 (definitions in the pictures below)

 

Reference: 

CCNA 200-301 OGC, Page 647

 

Monitor: The AP does not transmit at all, but its receiver is enabled to act as a dedicated
sensor. The AP checks for IDS events, detects rogue access points, and determines the
position of stations through location-based services.

 

Rogue detector: An AP dedicates itself to detecting rogue devices by correlating MAC
addresses heard on the wired network with those heard over the air. Rogue devices are
those that appear on both networks.

 

I would appreciate your help!

Labels:
1 Reply 1

Scott Fella
Hall of Fame
Hall of Fame

‎04-11-2020 09:11 AM

Yeah might be a bit confusing but if you read it again, monitor just monitors the air where when you use rogue detection, you also need Prime Infrastructure. Rogue detection will try to associate to a rogue ap and the with Prime will try to correlate the MAC address to determine if the rogue device is connected to your wired network.
-Scott
*** Please rate helpful posts ***
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card