Home » ZyXEL Manuals » Wireless » ZyXEL WAC6303D-S » Manual Viewer

ZyXEL WAC6303D-S User Guide - Page 110

Rogue APs, Friendly APs, Rogue AP Detection, Rogue AP Example

Add to My Manuals
Save this manual to your list of manuals

Page 110 highlights

Chapter 10 Wireless Rogue APs A rogue AP is a wireless access point operating in a network's coverage area that is not under the control of the network administrator, and which can potentially open up holes in a network's security. In the following example, a corporate network's security is compromised by a rogue AP (RG) set up by an employee at his workstation in order to allow him to connect his notebook computer wirelessly (A). The company's legitimate wireless network (the dashed ellipse B) is well-secured, but the rogue AP uses inferior security that is easily broken by an attacker (X) running readily available encryption-cracking software. In this example, the attacker now has access to the company network, including sensitive data stored on the file server (C). Figure 61 Rogue AP Example Friendly APs If you have more than one AP in your wireless network, you should also configure a list of "friendly" APs. Friendly APs are wireless access points that you know are not a threat. It is recommended that you export (save) your list of friendly APs often, especially if you have a network with a large number of access points. Exported lists show MAC addresses in txt file format separated by line breaks. Rogue AP Detection This feature allows the Zyxel Device to monitor the WiFi signals for other wireless APs (see also Section 1.2.3 on page 15). Detected APs will appear in the Monitor > Wireless > Detected Device screen, where the Zyxel Device will label APs with the criteria you select in Suspected Rogue AP Classification Rule as a suspected rogue. The APs which you mark as either rogue or friendly APs in the Monitor > Wireless > Detected Device screen will appear in the Wireless > Rogue AP screen. See Section 1.4 on page 19 to NWA/WAC/WAX Series User's Guide 110

Section	Page
NWA/WAC/WAX Series	1
Document Conventions	3
Contents Overview	4
Table of Contents	5
Introduction	13
1.1 Overview	13
1.2 Zyxel Device Roles	13
1.2.1 Root AP	14
1.2.2 Wireless Repeater	14
1.2.3 Radio Frequency (RF) Monitor	15
1.3 Sample Feature Applications	17
1.3.1 MBSSID	17
1.3.2 Dual-Radio	18
1.4 Zyxel Device Product Feature Comparison	19
AP Management	24
2.1 Management Mode	24
2.1.1 Standalone	24
2.1.2 Nebula Control Center	24
2.1.3 AP Controller (AC)	26
2.2 Switching Management Modes	26
2.3 Zyxel One Network (ZON) Utility	27
2.3.1 Requirements	27
2.3.2 Run the ZON Utility	28
2.4 Ways to Access the Zyxel Device	31
2.5 Good Habits for Managing the Zyxel Device	32
Hardware	33
3.1 Grounding (WAC6552D-S and WAC6553D-E)	33
3.2 Zyxel Device Models With Single LEDs	34
3.2.1 NWA1123-ACv2	34
3.2.2 WAC6303D-S and NWA5123-AC HD	36
3.2.3 NWA1123-AC HD	37
3.2.4 NWA5123-AC	39
3.2.5 NWA110AX, WAX510D and WAX650S	40
3.3 Zyxel Device Models With Multiple LEDs	42
3.3.1 NWA1123-AC PRO	42
3.3.2 NWA1302-AC	44
3.3.3 WAC6502D-E, WAC6502D-S, and WAC6503D-S	46
3.3.4 WAC6103D-I	48
3.3.5 WAC5302D-S	50
Web Configurator	53
4.1 Overview	53
4.2 Accessing the Web Configurator	53
4.3 Navigating the Web Configurator	55
4.3.1 Title Bar	56
4.3.2 Navigation Panel	58
4.3.3 Standalone Mode Navigation Panel Menus	58
4.3.4 Cloud Mode Navigation Panel Menus	60
4.3.5 Tables and Lists	61
Standalone Configuration	64
Standalone Configuration	65
5.1 Overview	65
5.2 Starting and Stopping the Zyxel Device	65
Dashboard	67
6.1 Overview	67
6.1.1 CPU Usage	70
6.1.2 Memory Usage	71
Setup Wizard	73
7.1 Accessing the Wizard	73
7.2 Using the Wizard	73
7.2.1 Step 1 Time Settings	73
7.2.2 Step 2 Password and Uplink Connection	74
7.2.3 Step 3 Radio	75
7.2.4 Step 4 SSID	76
7.2.5 Summary	78
Monitor	79
8.1 Overview	79
8.1.1 What You Can Do in this Chapter	79
8.2 What You Need to Know	79
8.3 Network Status	80
8.3.1 Port Statistics Graph	81
8.4 Radio List	82
8.4.1 AP Mode Radio Information	84
8.5 Station List	86
8.6 WDS Link Info	87
8.7 Detected Device	88
8.8 View Log	91
Network	94
9.1 Overview	94
9.1.1 AP Controller Management	94
9.1.2 What You Can Do in this Chapter	96
9.2 IP Setting	97
9.3 VLAN	98
9.4 Storm Control	101
9.5 AC (AP Controller) Discovery	102
9.6 NCC Discovery	103
Wireless	105
10.1 Overview	105
10.1.1 What You Can Do in this Chapter	105
10.1.2 What You Need to Know	106
10.2 AP Management	106
10.3 Rogue AP	109
10.3.1 Add/Edit Rogue/Friendly List	113
10.4 Load Balancing	114
10.4.1 Disassociating and Delaying Connections	115
10.5 DCS	116
10.6 Technical Reference	117
Bluetooth	119
11.1 Overview	119
11.1.1 What You Need To Know	119
11.2 Bluetooth Advertising Settings	120
11.2.1 Edit Advertising Settings	120
User	122
12.1 Overview	122
12.1.1 What You Can Do in this Chapter	122
12.1.2 What You Need To Know	122
12.2 User Summary	123
12.2.1 Add/Edit User	123
12.3 Setting	125
12.3.1 Edit User Authentication Timeout Settings	127
AP Profile	129
13.1 Overview	129
13.1.1 What You Can Do in this Chapter	129
13.1.2 What You Need To Know	129
13.2 Radio	130
13.2.1 Add/Edit Radio Profile	131
13.3 SSID	136
13.3.1 SSID List	136
13.3.2 Add/Edit SSID Profile	138
13.4 Security List	140
13.4.1 Add/Edit Security Profile	141
13.5 MAC Filter List	145
13.5.1 Add/Edit MAC Filter Profile	145
13.6 Layer-2 Isolation List	146
13.6.1 Add/Edit Layer-2 Isolation Profile	148
MON Profile	149
14.1 Overview	149
14.1.1 What You Can Do in this Chapter	149
14.2 MON Profile	149
14.2.1 Add/Edit MON Profile	150
WDS Profile	152
15.1 Overview	152
15.1.1 What You Can Do in this Chapter	152
15.2 WDS Profile	152
15.2.1 Add/Edit WDS Profile	153
Certificates	154
16.1 Overview	154
16.1.1 What You Can Do in this Chapter	154
16.1.2 What You Need to Know	154
16.1.3 Verifying a Certificate	156
16.2 My Certificates	157
16.2.1 Add My Certificates	158
16.2.2 Edit My Certificates	160
16.2.3 Import Certificates	163
16.3 Trusted Certificates	164
16.3.1 Edit Trusted Certificates	165
16.3.2 Import Trusted Certificates	168
16.4 Technical Reference	169
System	170
17.1 Overview	170
17.1.1 What You Can Do in this Chapter	170
17.2 Host Name	170
17.3 Power Mode	171
17.4 Date and Time	172
17.4.1 Pre-defined NTP Time Servers List	174
17.4.2 Time Server Synchronization	174
17.5 WWW Overview	175
17.5.1 Service Access Limitations	175
17.5.2 System Timeout	175
17.5.3 HTTPS	176
17.5.4 Configuring WWW Service Control	176
17.5.5 HTTPS Example	177
17.6 SSH	183
17.6.1 How SSH Works	184
17.6.2 SSH Implementation on the Zyxel Device	185
17.6.3 Requirements for Using SSH	185
17.6.4 Configuring SSH	185
17.6.5 Examples of Secure Telnet Using SSH	186
17.7 Telnet	187
17.8 FTP	188
17.9 SNMP	189
17.9.1 Supported MIBs	190
17.9.2 SNMP Traps	190
17.9.3 Configuring SNMP	190
17.9.4 Adding or Editing an SNMPv3 User Profile	191
Log and Report	193
18.1 Overview	193
18.1.1 What You Can Do In this Chapter	193
18.2 Email Daily Report	193
18.3 Log Setting	195
18.3.1 Log Setting Screen	196
18.3.2 Edit System Log Settings	197
18.3.3 Edit Remote Server	201
18.3.4 Active Log Summary	202
File Manager	205
19.1 Overview	205
19.1.1 What You Can Do in this Chapter	205
19.1.2 What you Need to Know	205
19.2 Configuration File	206
19.2.1 Example of Configuration File Download Using FTP	210
19.3 Firmware Package	211
19.3.1 Example of Firmware Upload Using FTP	212
19.4 Shell Script	213
Diagnostics	216
20.1 Overview	216
20.1.1 What You Can Do in this Chapter	216
20.2 Diagnostics	216
LEDs	218
21.1 Overview	218
21.1.1 What You Can Do in this Chapter	218
21.2 Suppression Screen	218
21.3 Locator Screen	219
Antenna Switch	221
22.1 Overview	221
22.1.1 What You Need To Know	221
22.2 Antenna Switch Screen	221
Reboot	223
23.1 Overview	223
23.1.1 What You Need To Know	223
23.2 Reboot	223
Shutdown	224
24.1 Overview	224
24.1.1 What You Need To Know	224
24.2 Shutdown	224
Local Configuration in Cloud Mode	225
Cloud Mode	226
25.1 Overview	226
25.2 Cloud Mode Web Configurator Screens	226
Dashboard	228
Network	230
27.1 Overview	230
27.1.1 What You Can Do in this Chapter	230
27.2 IP Setting	230
27.3 VLAN	232
Maintenance	233
28.1 Overview	233
28.1.1 What You Can Do in this Chapter	233
28.2 Shell Script	233
28.3 Diagnostics	234
28.4 View Log	235
Appendices and Troubleshooting	238
Troubleshooting	239
29.1 Overview	239
29.2 Power, Hardware Connections, and LED	239
29.3 Zyxel Device Management, Access, and Login	240
29.4 Internet Access	244
29.5 WiFi Network	245
29.6 Resetting the Zyxel Device	246
29.7 Getting More Troubleshooting Help	247
Importing Certificates	248
IPv6	272
Customer Support	280
Legal Information	286

Match case Limit results 1 per page

Chapter 10 Wireless

NWA/WAC/WAX Series User’s Guide

110

Rogue APs

A rogue AP is a wireless access point operating in a network’s coverage area that is not under the

control of the network administrator, and which can potentially open up holes in a network’s security.

In the following example, a corporate network’s security is compromised by a rogue AP (

) set up by

an employee at his workstation in order to allow him to connect his notebook computer wirelessly (

The company’s legitimate wireless network (the dashed ellipse

) is well-secured, but the rogue AP uses

inferior security that is easily broken by an attacker (

) running readily available encryption-cracking

software. In this example, the attacker now has access to the company network, including sensitive

data stored on the file server (

Figure 61

Rogue AP Example

Friendly APs

If you have more than one AP in your wireless network, you should also configure a list of “friendly” APs.

Friendly APs are wireless access points that you know are not a threat. It is recommended that you

export (save) your list of friendly APs often, especially if you have a network with a large number of

access points. Exported lists show MAC addresses in txt file format separated by line breaks.

Rogue AP Detection

This feature allows the Zyxel Device to monitor the WiFi signals for other wireless APs (see also

Section

1.2.3 on page 15

). Detected APs will appear in the

Monitor > Wireless > Detected Device

screen, where

the Zyxel Device will label APs with the criteria you select in

Suspected Rogue AP Classification Rule

as a

suspected rogue. The APs which you mark as either rogue or friendly APs in the

Monitor > Wireless >

Detected Device

screen will appear in the

Wireless > Rogue AP

screen. See

Section 1.4 on page 19