WESM zl Management and Configuration Guide WT.01.28 and greater

12-39

Wireless Network Management

AP Detection

People may introduce unauthorized APs into your network for several reasons.

Sometimes attackers set up rogue APs in your environment, hoping to lure wireless

users to authenticate to them instead of to your network’s RPs. In this way, attackers

can collect sensitive information, including passwords with which they can then

access your private network and view, steal, or damage data.

More commonly, users introduce APs for their own convenience, not meaning any

particular harm. However, because users often take inadequate measures to secure

these APs, the unauthorized APs open vulnerabilities for hackers to exploit.

The ProCurve RPs210, 220, and 230 can listen for such unauthorized APs, collecting

information about them to be sent to the Wireless Edge Services zl Module.

The module helps you to manage this information. You can even configure the

module to automatically send an alarm when an unauthorized AP is detected.

Note AP detection tracks devices that are not connected, either directly or indirectly, to the

Wireless Edge Services zl Module. It does not prevent unauthorized RPs from being

adopted. To control RPs that connect to your network, you must configure the

module’s adoption settings as described in Chapter 2: “Configuring the ProCurve

Wireless Edge Services zl Module.”

You can enable and manage AP detection from the Special Features > Access Point

Detection screen, which is shown in Figure 12-26.