AP Categories
APs belong to one of the
following categories when they are added to the Analysis Engine database:
- Scanning
APs - This is the subset of authorized APs configured to provide
WIDS-WIPS services.
- Friendly APs - These are
APs that are not part of the authorized network, but they operate in the vicinity of the
authorized network. Friendly APs are operated by a neighboring enterprise for their own
use. Authorized APs can prevent authorized
devices from using friendly APs.
- Uncategorized APs - APs discovered by
scanning APs and which do not fall into any other category. Uncategorized APs require manual
classification. To get the best protection from Radar, classify uncategorized
APs as soon as possible.
- Authorized APs - APs that can be used by devices authorized
to use the network. APs can be added to the list automatically (for example, if the APs
are active on the current host or the host‘s availability partner) or manually.
- Prohibited APs - These are APs that have been manually added
to the Radar database so that the Radar WIDS-WIPS system will detect them and, if so
configured, protect against them. An example of manually prohibited APs might be APs
that were stolen from the authorized network and now could be used to generate a
security breach.