Configuration > Security > Wireless Protection Policies > Rogue Policies

The Configuration > Security > Wireless Protection Policies > Rogue Policies page enables you to select global parameters for rogue access point detection.

Parameter Description
Rogue Location Discovery Protocol

Rogue location discovery protocol options that you can specify. The default value is disabled.
  • Monitor Mode APs—Enables the Rogue Location Discovery Protocol (RLDP) only on monitor-mode access points.
  • All APs—Enables RLDP on all access points (monitor-mode and data). If you configure the Switch to use RLDP on all access points, the Switch always chooses the monitor access point for RLDP operation if a monitor access point and a local (data) access point are both nearby.
  • Disable—Disables RLDP.

Expiration Timeout for Rogue AP Entries

Number of seconds after which the rogue access point will be taken off the list. Valid values are from 240 to 3600; the default value is 1200.

Validate rogue clients against AAA

Option to use the AAA server or local database to check whether rogue clients are valid clients. The default is disabled.

Detect and report Ad-Hoc Networks

Ad-hoc rogue detection and reporting that you can enable or disable. The default value is enabled.

Rogue Detection Report Interval

Time interval in seconds at which the APs should send the rogue detection report to the controller. The default value is 10 seconds. Values range from 10 to 300 seconds.

If you want the Switch to automatically contain certain rogue devices, select the following check boxes. Otherwise, leave the check boxes unselected, which is the default value.

Parameter Description
Auto Containment Level

Rogue auto containment level. You can choose an auto containment level from 1 to 4, which means that up to 4 APs can be used for auto containment when a rogue is moved to a contained state through any of the auto containment policies.

Auto Containment only for Monitor mode APs

Uses only monitor-mode APs for auto containment. The default is disabled.

Rogue on Wire

Automatic containment of rogues that are detected on the wired network. The default is disabled.

Using our SSID

Automatic containment of rogues that are advertising your network’s SSID. If you leave this parameter unselected, the Switch only generates an alarm when such a rogue is detected. The default is disabled.

Valid client on Rogue AP

Automatic containment of rogue access points to which trusted clients are associated. If you leave this parameter unselected, the Switch only generates an alarm when such a rogue is detected. The default is disabled.

AdHoc Rogue AP

Automatic containment of ad-hoc networks detected by the Switch. If you leave this parameter unselected, the Switch generates an alarm when such a network is detected. The default is disabled.