Introduction to RAPIDS

Rogue device detection is a core component of wireless security. With the RAPIDS rules engine and containment options, you can create a detailed definition of what constitutes a rogue device and quickly act on a rogue AP for investigation, restrictive action, or both. Once rogue devices are discovered, RAPIDS alerts your security team to the possible threat and provides the essential information needed to locate and manage it.

RAPIDS discovers unauthorized devices in your WLAN in the following ways:

  • Over the Air, using your existing enterprise APs
  • On the Wire:
    • Polling routers and switches to identify, classify, and locate unknown APs
    • Using the controller’s wired discovery information
    • Using HTTP and SNMP scanning

To set up a scan, refer to How to Set Up Device Discovery.

Furthermore, RAPIDS integrates with external intrusion detection systems (IDS), as follows:

  • HPE Aruba Networking WIP—The Wireless Intrusion Protection (WIP) module integrates wireless intrusion protection into the mobile edge infrastructure. The WIP module provides wired and wireless AP detection, classification, and containment; detects DoS and impersonation attacks; and prevents client and network intrusions.
  • Cisco WLSE (1100 and 1200 IOS)—AirWave fetches rogue information from the HTTP interface and gets new AP information from the SOAP API. This system provides wireless discovery information rather than rogue detection information.
  • AirMagnet Enterprise—Retrieves a list of managed APs from AirWave.
  • AirDefense—Uses the AirWave XML API to keep its list of managed devices up to date.
  • WildPackets OmniPeek—Retrieves a list of managed APs from AirWave.