View Cart
0 Items | Total: US$0.00
Welcome,      Register

You are here

Home » Wireless » WL0031 - WLC Rogue Detection and IDS (Part 3)

WL0031 - WLC Rogue Detection and IDS (Part 3)

Rating: 
0
No votes yet
Difficulty Level: 
3
Lab Document: 
<Please login to see the content>
Category: 
Wireless
Video Download: 
Title: WL0031 - Video Download $20.00
Purchase WL0031 - Video Download $20.00
The video discusses a topic of rogue device detection on Cisco Wireless LAN Controller. We will demonstrate how a rogue is detected, using Monitor Mode AP and WSM, and determined if it is connected to your corporate network. We will go through configuration of rogue classification and containment. The video closes with overview on wireless IDS. Wireshark captures are taken throughout the video to provide you with insight into protocol behavior. 
 
Part 3 of the video covers rogue classification and containment
 
Topic:
  • Rouge Detection
  • Monitor Mode AP and Wireless Security Module (WSM)
  • Rogue Location Discovery Protocol (RLDP)
  • Rogue Detector AP
  • Rogue Classification
    • Friendly, Malicious, Custom, Unclassified
  • Manual and Auto Rogue Class Assignment
  • Rogue Containment (Manual and Automatic)
  • Wireless Intrusion Detection
  • Wireless IDS Signature
  • Wireshark Capture
Tag: 
wireless
wlc
rogue
rldp
monitor
wsm
ids
wireshark

About Author

Metha Chiewanichakorn, CCIE#23585 (Ent. Infra, Sec, SP), is a Cisco networking enthusiast with years of experience in the industry. He is currently working as a consulting engineer for a Cisco partner. As a founder of and an instructor at labminutes.com, Metha enjoys learning and challenges himself with new technologies.
http://www.linkedin.com/in/methachiewanichakorn

3 comments

Submitted by sherief on Wed, 11/14/2018 - 13:03

Hi metha, as per video, we are able to detect rogue APs and rogue clients using the monitor mode.
so why we need The rogue detector mode for the AP.
and can AP serve clients normal traffic at same time with monitor mode and rogue detector mode. ?

Submitted by admin on Sun, 11/18/2018 - 22:50

Rogue Detector Mode AP is specifcally used to monitor the wire to determine if a rogue AP is connected to your network. This is done by sniffing out ARP packets and compare learned MAC address to the rogue client list reported by Monitor Mode AP.

Submitted by Mahmoud Magdy on Wed, 11/17/2021 - 02:56

How can i jam any ap appear in my field except my aps that connected to wlc

Poll

Vote for the Next Video Series