Wireless network monitoring

Wireless network monitoring

You can monitor both your wireless clients and other wireless networks that are available in your coverage area. Monitoring wireless clients

Monitoring rogue APs

Suppressing rogue APs

Monitoring wireless network health

 

Monitoring wireless clients

 

To view connected clients on a FortiWiFi unit

1. Go to Monitor > Client Monitor.

The following information is displayed:

SSID                                            The SSID that the client connected to.

FortiAP                                       The serial number of the FortiAP unit to which the client connected.

User                                            User name

IP                                                 The IP address assigned to the wireless client.

Device

Auth                                            The type of authentication used.

Channel                                      WiFi radio channel in use.

Bandwidth Tx/Rx                      Client received and transmitted bandwidth, in Kbps.

Signal Strength / Noise            The signal-to-noise ratio in deciBels calculated from signal strength and noise level.

Signal Strength

Association Time                      How long the client has been connected to this access point.

 

Results can be filtered. Select the filter icon on the column you want to filter. Enter the values to include or select NOT if you want to exclude the specified values.

 

Monitoring rogue APs

The access point radio equipment can scan for other available access points, either as a dedicated monitor or in idle periods during AP operation.

Discovered access points are listed in Monitor > Rogue AP Monitor. You can then mark them as either Accepted or Rogue access points. This designation helps you to track access points. It does not affect anyone’s ability to use these access points.

It is also possible to suppress rogue APs. See Monitoring rogue APs on page 894.

 

Onwire rogue AP detection technique

Other APs that are available in the same area as your own APs are not necessarily rogues. A neighboring AP that has no connection to your network might cause interference, but it is not a security threat. A rogue AP is an unauthorized AP connected to your wired network. This can enable unauthorized access. When rogue AP detection is enabled, the Onwire column in the Rogue AP Monitor list shows a green up-arrow on detected rogues.

Rogue AP monitoring of WiFi client traffic builds a table of WiFi clients and the Access Points that they are communicating through. The FortiGate unit also builds a table of MAC addresses that it sees on the LAN. The FortiGate unit’s on-wire correlation engine constantly compares the MAC addresses seen on the LAN to the MAC addresses seen on the WiFi network.

There are two methods of Rogue AP on-wire detection operating simultaneously: Exact MAC address match and MAC adjacency.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.