Rogue Access Point Detection

You can configure your wireless Firebox to detect rogue wireless access points that operate in the same range as your wireless network.

A rogue access point is any wireless access point within range of your network that is not recognized as an authorized access point or configured exception in your wireless deployment. A rogue access point can be an unauthorized AP connected to your network by someone inside your organization without consent. These access points are security risks to your wireless and wired networks if they do not have proper security features enabled. A rogue access point can also be an AP external to your wireless network that is within your network range. This includes Honeypot or Evil Twin rogue access points that impersonate legitimate APs by broadcasting the same network SSID as your authorized APs.

When you enable rogue access point detection on your wireless Firebox, the wireless radio in the device scans wireless channels to identify unknown wireless access points. You can configure the scan to run continuously, or to run at a scheduled interval and time of day.

When a rogue access point scan begins, the wireless Firebox scans the airwaves within range for other radio broadcasts. The device scans for wireless access points on all available wireless channels for the country where the device is located. The scan is not limited to the wireless mode and channel settings configured in the radio settings of your device.

When the wireless Firebox detects the signal of another wireless access point, it compares the characteristics of the access point to a list of trusted access points that you configure. If the discovered access point does not match any trusted access point, the Firebox reports the device as a potential rogue access point. You can configure the device to send an alarm when a rogue access point is detected. If you enable logging, you can run a report of all scans and scan results.
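The comparison described above, sketched as an added example that is not WatchGuard code. The characteristics compared (SSID, BSSID, channel, encryption), the verdict labels and the sample scan are assumptions made for the illustration; it also separates an unmatched AP that broadcasts one of your SSIDs from an unrelated unknown AP.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class TrustedAP:
    """Trusted-list entry (assumed fields); None means 'any value'."""
    ssid: Optional[str] = None
    bssid: Optional[str] = None       # radio MAC address
    channel: Optional[int] = None
    encryption: Optional[str] = None

@dataclass(frozen=True)
class SeenAP:
    """One access point observed during a scan."""
    ssid: str
    bssid: str
    channel: int
    encryption: str

def norm_mac(mac: str) -> str:
    return mac.replace("-", ":").lower()

def matches(entry: TrustedAP, ap: SeenAP) -> bool:
    pairs = [(entry.ssid, ap.ssid), (entry.channel, ap.channel),
             (entry.encryption, ap.encryption),
             (entry.bssid and norm_mac(entry.bssid), norm_mac(ap.bssid))]
    # An entry with every field unset would trust any AP, so never match on it.
    if all(want is None for want, _ in pairs):
        return False
    return all(want is None or want == got for want, got in pairs)

def classify(ap: SeenAP, trusted: list) -> str:
    if any(matches(entry, ap) for entry in trusted):
        return "trusted"
    # Unmatched AP advertising one of our SSIDs: possible Evil Twin.
    if ap.ssid in {e.ssid for e in trusted if e.ssid}:
        return "rogue: broadcasts a trusted SSID"
    return "rogue: unknown AP"

# Constructed sample data, not real devices.
TRUSTED = [TrustedAP(ssid="CorpWiFi", bssid="02:00:00:AA:BB:01", encryption="WPA2")]
SCAN = [
    SeenAP("CorpWiFi", "02-00-00-aa-bb-01", 6, "WPA2"),   # our AP, MAC in another notation
    SeenAP("CorpWiFi", "02:00:00:00:00:99", 11, "OPEN"),  # same SSID, different radio
    SeenAP("CoffeeShop", "02:00:00:00:00:42", 1, "WPA2"), # neighbouring network
]
if __name__ == "__main__":
    for ap in SCAN:
        print(f"{ap.ssid:<12}{ap.bssid:<20}{classify(ap, TRUSTED)}")
```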

The Rogue Access Point Detection feature for Firebox wireless devices is different from the Rogue Access Point Detection feature designed for the Gateway Wireless Controller and managed WatchGuard AP devices. For more information about Rogue Access Point Detection on the Gateway Wireless Controller, see Enable Rogue Access Point Detection with the Gateway Wireless Controller.

For information on the differences between Firebox wireless devices and WatchGuard AP devices, see WatchGuard Wireless Solutions.

See Also

Enable Rogue Access Point Detection on a Wireless Firebox