Rogue Access Point (AP) removal process

Steps

At the discretion of the local IT group with consultation with Information Systems & Technology (IST), temporary and immediate authorization can be given while the application for authorization is followed. The AP must meet all the potential valid requirements.

The temporary immediate authorization will be revoked if the owner does not apply for approval within 3 days.

  1. The AP is determined to be a rogue and NOT potentially valid
  2. If the SSID being broadcast is the same or similar to one of our SSID's (see rogue AP classification) the offending access point should be disabled wirelessly and at the switch port as soon as possible. The comment in ONA should be "Disabled due to Rogue AP"
  3. If the AP is exposing the University of Waterloo networking without any security it should be disabled wirelessly and at the switch port as soon as possible. The comment in ONA should be "Disabled due to Rogue AP"
  4. Determine the general location for the rogue using airwave visualRF as being on campus
  5. Contact the computer support for that area to investigate the rogue
  6. Locate the rogue AP
  7. Determine who owns the AP (e.g., name on the office, user sitting with it in a cubicle, ask people in the area)
  8. Find out from the owner why the AP has been setup. Also direct the owner to the rogue AP exception/authorization documentation.
  9. If the user is complaining about wireless signal, a quick check should be done to measure the signal and then a ticket created for IST. Note: IST considers RSSI -78 and above to be acceptable and test with a D-link DWA-160 adapter (bars are not considered)
  10. If the user has setup the AP for research purposes direct them to the rogue AP exception / authorization documentation
  11. The port the rogue connects to (if known) is disabled and commented in ONA. The comment in ONA should be "Disabled due to Rogue AP".