SonicWALL 5.8.1 Microscope & Magnifier User Manual


  Open as PDF
of 1490
 
Wireless > IDS
492
SonicOS 5.8.1 Administrator Guide
connectivity for associated wireless clients. While in Access Point mode, the Scan Now
function should only be used if no clients are actively associated, or if the possibility of client
interruption is acceptable.
Intrusion Detection Settings
Rogue Access Points have emerged as one of the most serious and insidious threats to
wireless security. In general terms, an access point is considered rogue when it has not been
authorized for use on a network. The convenience, affordability and availability of non-secure
access points, and the ease with which they can be added to a network creates a easy
environment for introducing rogue access points. Specifically, the real threat emerges in a
number of different ways, including unintentional and unwitting connections to the rogue
device, transmission of sensitive data over non-secure channels, and unwanted access to LAN
resources. So while this doesn't represent a deficiency in the security of a specific wireless
device, it is a weakness to the overall security of wireless networks.
The security appliance can alleviate this weakness by recognizing rogue access points
potentially attempting to gain access to your network. It accomplishes this in two ways: active
scanning for access points on all 802.11a, 802.11g, and 802.11n channels, and passive
scanning (while in Access Point mode) for beaconing access points on a single channel of
operation.
Select the Enable Rogue Access Point Detection checkbox to specify the rogue access point
detection method. The Authorized Access Points menu allows you to specify All Authorized
Access Points, Create new MAC Address Object Group, or Select an Address Object
Group.
The Authorized Access Points menu allows you to specify which access points the
SonicWALL security appliance will considered authorized when it performs a scan. You can
select All Authorized Access Points to allow all SonicPoints, or you can select Create new
MAC Address Object Group to create an address object group containing a group of MAC
address to limit the list to only those SonicPoints whose MAC addresses are contained in the
address object group.
Select Create Address Object Group to add a new group of MAC address objects to the list.