Educause Security Discussion mailing list archives
Re: Wireless Network Rogue Access Points
From: Brian Epstein <bepstein () IAS EDU>
Date: Thu, 9 May 2019 13:28:37 -0400
Hi Greg, Any place on our campus where someone could plug in a rogue AP, we make sure it would end up on the untrusted/BYOD network. Any open port on the untrusted or trusted network also requires some type of registration, although it is admittedly a lightweight registration on the untrusted side. We have a policy that rogue access points are not allowed on our network. We found, over the years, that enforcing the policy is difficult/time consuming. In general, if there is interference or something malicious going on, we focus on getting it taken down quicker. Otherwise, we ignore them (they are on the untrusted/BYOD network). In the future, we are looking at utilizing SDNs to make it more difficult to get a rogue onto the network to begin with. I think this will be more effective for us rather than trying to hunt down rogue APs. Our monitoring is done via our Cisco APs, WLCs, and Prime infrastructure. Thanks, ep On 5/9/19 1:05 PM, Perrotti, Gregory wrote:
Good afternoon. We are conducting an audit of our Wireless Network and one of the risk areas we are assessing is related to rogue access points. We are interested to know if any of you allow rogue access points and if so, what type of monitoring is done to detect the rogue access points? Your feedback and input is appreciated. Thank you, Greg *Gregory Perrotti, CISA* IT Audit Director The University of Connecticut and UConn Health Audit & Management Advisory Services 28 Professional Park Storrs, CT 06268 Phone: (860) 486-9350 (UConn Storrs) Phone: (860) 679-4290 (UConn Health) Fax: (860) 486-4527 Email: _gregory.perrotti () uconn edu <mailto:gregory.perrotti () uconn edu>_ *REPORTLINE email: *reportline () uconn edu <mailto:reportline () uconn edu>** *REPORTLINE phone: 1-888-685-2637* *CONFIDENTIALITY NOTICE*/: If you have received this e-mail in error, please immediately notify the sender by e-mail at the address shown and delete all copies of this message. This e-mail transmission may contain information that is proprietary, privileged, confidential, or otherwise legally exempt from disclosure. If you are not the named addressee, please be aware that you are not authorized to open, read, print, retain, copy, or disseminate this message or any part of it. Thank you for your compliance./
-- Brian Epstein <bepstein () ias edu> +1 609-734-8179 Manager, Network and Security Institute for Advanced Study Key fingerprint = A6F3 9F5A 26C5 5847 79ED C34C C0E5 244A 55CA 2B78
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- Wireless Network Rogue Access Points Perrotti, Gregory (May 09)
- Re: Wireless Network Rogue Access Points Brian Epstein (May 09)