Versions Compared

Old Version 1

changes.mady.by.user Brad Wilson

Saved on

compared with

New Version Current

changes.mady.by.user Brad Wilson

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The Customer Manufactures setting is used to determine what devices will show up as Rogure Network Devices in the Switchport Connection Report

...

The list of Manufacturers is dynamic based on the discovered Manufacturer OIDs match to MAC addressed in your network. Use this list to select what manufacturer equipment is expected to exist and be configured in your environment. Click Save after you have made your selections and then click Close to continue using bitB.

...

Looking at the following snippet from the Switchport Connection Report, you can see that bitB has flagged two devices as Rogue. (highlighted in yellow).

There are multiple classifications of Rogue devices in the industry. QoS Networking uses three definitions for Rogue Devices.Administratevly

QoS Networking Rogure Device Classifications

Administrative Rogue

...

Administratively Rogue is defined as a Rogue Device

...

labeled by an Administrative Process

Questions to determine if a device is Adminstratively Rougue:

  1. Is the network device manufacturer supported in the network?

  2. Is the network device manufacturer supported by bitB?

  3. If the network device manufacturer

...

  1. is supported in the network, was

...

  1. bitB able to discover the device?

There are four categories of Administratevily Rogure devices. These are shown in the below image.

Operational Rogue Device

Information has been collected that the device is operating on or near the network and has the ability to become a Malicious Rogue Device. Here are a couple of examples:

  1. A Wireless Access Point is operating in the same area as your wireless network. The access point isn’t broadcasting any of your SSIDs. This could be an access point used by a vendor for the cafeterias in your building.

  2. An End User has their hotspot enabled on their Android or Apple phone. The phone isn’t broadcasting any of your SSIDs.

Malicious Rogue Device

  1. An unsupported network device has been added to the wired network. Computers on the network are getting DHCP devices from this unsupported network device.

  2. An access point was detected on the network. The access point is broadcasting one or more of your SSIDs.

Here are the four categories of Administratively Rogue Devices:

...

Let’s look at examples using the bitB Switchport Connection Report:

The first is a Cisco Device. The message says Rogue Network Device - Not ConfiguredThis happens when the Manufacturer IS SUPPORTED

Is the network device manufacturer supported in the network

...

? YES

Is the network device manufacturer supported by bitB? YES

If the network device manufacturer is supported in the network, was bitB able to discover the device? NO

This could be due to a firewall blocking the connection, local security policy on the device, or username/password issues which are Administrative issues.

The second is a Netgear Device. The message says Rogue Network Device. This happens when the Manufacturer is NOT SUPPORTED in the network and NOT SUPPORTED by bitB.

Is the network device manufacturer supported in the network? NO

Is the network device manufacturer supported by bitB? NO

If the network device manufacturer is supported in the network, was bitB able to discover the device? N/A

...

To demonstrate the last two possible values Administratevily Rogue categories, I have removed Cisco as a supported Manufacturer and selected Netgear as a supported Manufacturer.

...

The message for the Cisco Device has changed from Rogue Network Device - Not Configured to now says Rogue Network Device - Not Customer Supported.This happens when the Manufacturer is NOT SUPPORTED

Is the network device manufacturer supported in the network

...

? NO

Is the network device manufacturer supported by bitB? YES

If the network device manufacturer is supported in the network

...

by bitB but the device has not properly been configured to be discovered by bitB. This could be due to a firewall blocking the connection, local security policy on the device, or username/password issues.

The second is a Netgear Device. The message says Rogue Network Device.

...

, was bitB able to discover the device? N/A

The message for the Netgear Device now says Customer Supported Network Device.

Is the network device manufacturer supported in the network? YES

Is the network device manufacturer supported by bitB? NO

If the network device manufacturer is supported in the network, was bitB able to discover the device? N/A

...