Great questions. The documentation I was just reviewing (from Cisco's site) said that the rogue containment uses between 5-10 percent of the AP's performance, with a cap of 30%, but I didn't see specifics as to how often the flood of deauth messages would be sent. If the offending AP was in the same frequency bands as our production APs, then that could hurt performance, but the APs would be told to move to a new band (by the wlc) to avoid interference. Thanks for the questions, Keith
@ChrisGagnonDIY8 жыл бұрын
love all your videos. thanks for the micro nugget
@IhorSirishtan9 жыл бұрын
Wonderful video. Superb information presentation. Really enjoyed it!
@armyguy29811 жыл бұрын
Keith, a couple questions. 1. At what interval do the "deauth" messages broadcast? 2. Could the additional noise affect network performance? Thanks for another great video!
@adedejiemmanuel14 жыл бұрын
Thanks for the video. Is a "Deauthenticatication attack" the same as the "Disassociation attack"?
@dg404null3 жыл бұрын
very helpful
@markustoomiste44413 жыл бұрын
What I don't understand is that if you have an access point plugged into your network that isn't managed by the WLC, then how come you need to scan for it with your APs? Wouldn't it come up over the wired traffic?
@markustoomiste44413 жыл бұрын
If you can't distinguish a rogue AP over the wired traffic then how come after scanning for them with your APs you know which ones are a part of your network which ones are just adjacent networks' traffic reaching your APs' sensors.
@cbtnuggets3 жыл бұрын
Hi, Markus! Most of today's access points will have a specific port or protocol it uses to communicate with a wireless LAN controller. There are also times that you may not want it to be adopted into the main network. There might be additional configurations needed. If an additional AP was wired into the network, the vendor and protocols might be different and don't come up right away. The AP's working with the WLC can scan for neighboring AP's to help identify issues. It's best practice to also lock down the ports that are not in use. So if there is a port in the office that is not used regularly, you can do a few things like isolating it into an empty VLAN, and also set up port security to be notified of the connection. Hope that helps! Thank you for learning with us.
@markustoomiste44413 жыл бұрын
@@cbtnuggets Thanks for responding to a comment of a 7 year old video. Very impressive.