SonicOS 7.0 Access Points

Intrusion Detection Services

Rogue devices have emerged as one of the most serious and insidious threats to wireless security. In general terms, a device is considered rogue when it has not been authorized for use on the network. The convenience, afford-ability and availability of non-secure access points, and the ease with which they can be added to a network creates an easy environment for introducing rogue devices. The real threat emerges in a number of different ways:

  • Unintentional and unwitting connections to the rogue device
  • Transmission of sensitive data over non-secure channels
  • Unwanted access to LAN resources

While this doesn't represent a deficiency in the security of a specific wireless device, it is a weakness to the overall security of wireless networks.

Intrusion Detection Services (IDS) greatly increase the security capabilities of the firewall because it helps the appliance recognize and take countermeasures against the most common types of illicit wireless activity. IDS reports on all access points the firewall can find by scanning the 802.11a, 802.11g, and 802.11n radio bands on the access points.

The DEVICE | Access Points > IDS page reports on all devices detected by the firewall and its associated access points, and provides the ability to authorize legitimate devices.

The following table describes the Discovered Access Point Table and entities that are displayed on the IDS page.

Table Column or Entity Description
Entity
Search

Use the Search feature to locate specific access points.

View Style: Access Point If you have more than one access point, you can select an individual access point from the Access Point drop-down menu or All Access Points if you want to see all of them.
Scan All Initiates an operation to call all access points and identify connected devices.
Refresh Refreshes the screen to display the most current list of access points in your network.
Discovered Access Points Table
Access Point The access point name: shows only when All SonicPoints is selected in the View Style: Access Point drop-down menu.
MAC Address (BSSID) The MAC address of the radio interface of the detected access point.
SSID The radio SSID of the device.
Type The radio band being used by the device: 2.4 GHz or 5 GHz.
Channel The radio channel used by the device.
Authentication The authentication type.
Cipher The cipher mode.
Vendor The vendor of the access point.
Signal Strength The strength of the detected radio signal.
Max Rate The fastest allowable data rate for the access point radio.
Authorize When the Edit icon is clicked, the device is added to the address object group of authorized devices.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

  • Hidden
  • Hidden

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.
  • Hidden
  • Hidden