Monitor Access Point WIPS Status

Applies To: Wi-Fi Cloud-managed Access Points (AP120, AP125, AP225W, AP320, AP322, AP325, AP327X, AP420)

In Discover, the Monitor > WIPS > Access Points page lists all visible APs that are part of the Wi-Fi network or operating in the vicinity of the Wi-Fi network.

APs are classified into these types, each represented by a different color:

  • Authorized — This AP is authorized to access wired and wireless networks and network resources.
  • Rogue — This AP is not authorized to access the network or network resources. It is an AP that is installed in an unauthorized manner, without the knowledge of the administrator, or without authorization. The AP could be used for malicious activity, such as the theft of sensitive data or unauthorized access to network resources.
  • Misconfigured — The AP configuration does not match the current Authorized WiFi Policy.
  • External — This AP is not connected to your network, but is an external neighbor AP that operates in the vicinity of your Wi-Fi network.
  • Uncategorized — When an AP is first detected, the AP is classified as an uncategorized AP.

To download an inventory of devices, freeze columns, add or remove columns, filter the display, and switch to full screen mode, use the icons at the top-right of the page. For more information, see Table Actions for Monitor Pages.

The data in the columns represents live data updated every 15 minutes.

Screen shot of the Access Points tab on the WIPS monitor page in Discover

The WIPS - Access Points monitoring page includes this information:

Field Description
Status Indicates if the AP is active (green) or inactive (red).
Name Specifies the name of an AP.
MAC Address Indicates the MAC address of the AP.
Prevention Status Indicates the prevention status of the AP.
Is Networked Indicates if the AP is connected to the network.
Network Indicates the network of the AP.
Active/Inactive since Date and time since the AP was last connected or disconnected from the network.
First Detected At Date and time since the AP was first detected.
Location Location of the AP.
RSSI (dBm) Detected RSSI of the AP.

Channel

Channel in use by the AP.
No. of Associations Number of clients associated to the AP.
SSID SSIDs broadcast by the AP.
Security Security mode used by the AP.
Authentication Authentication method used by the AP.
802.11w Indicates the 802.11w (Management Frame Protection) status of the AP.
Encryption Encryption type used by the AP.
Vendor Name The vendor name of the AP.
Capability A list of AP capabilities.
Is Banned Indicates if the AP is on the banned list.
Tag Additional information about the AP.

Access Point Actions

To perform actions on an AP, right-click the AP name, and select an action:

  • Change Classification — Change the WIPS classification of the AP.
  • Capture Packet Trace — Perform a packet trace on an AP. For more information, see Capture Packet Trace.
  • Packet Trace History — View the packet trace history for a selected AP.
  • Prevent This Device — Quarantine the device to prevent connections to your Wi-Fi network.
  • Disable Auto-Prevention — Disable automatic intrusion prevention on this AP.
  • Add to Banned List — Add the MAC address of this AP to the device banned list. For more information, see Banned Access Points and Clients.
  • Mark as Known External — Mark this external AP as a known device.
  • Rename — Renames the AP.
  • Modify Tag — Change the tag for the AP.
  • Move — Change the location of the AP.
  • Delete — Deletes the AP from the list of available APs.

Auto Deletion Settings

Click Auto Deletion to manage automatic deletion of inactive APs from the WIPS monitoring page.

Select the category of APs and the duration of inactivity (1 to 30 days) after which the APs are automatically deleted. The default is 30 days.

Screen shot of the Auto Deletion settings for the Monitor > WIPS > Access Points page in Discover