I operate a ZD and an unleashed network. On both of them I activated WIPS with Rogue AP detection and protection.
Could someone explain me :
- What is the purpose of the "User Blocked Rogue Devices". Aren't they blocked as soon as they are detected except if they are in the "known" list ?
- I found a way to get the Rogue list by CLI. Does CLI commands exist to manage the Known/Blocked list (ie to automatically add a newly detected AP to the Blocked list) ?
- As far as I understand, the AP detects only rogue AP using their own channel. Is there a way to dedicate on (ore more) AP to scan all channels to detect & block rogue APs ?
- Is the deauthentification really efficient enough to provide internal users to install local AP / share their CellPhone network ?
Thanks in advance