Rogue AP Containment Overview
The Cisco DNA Center Rogue AP Containment feature contains the wired and wireless Rogue AP. In case of Wired Rogue AP Containment, Cisco DNA Center brings the ACCESS mode switchport interface to the DOWN state on which the rogue AP is attached. In case of Wireless Rogue AP Containment, Cisco DNA Center instructs the strongest detecting wireless controller to initiate the containment on wireless rogue BSSIDs. The wireless controller in turn instructs the strongest detecting AP for those BSSIDs to stream the deauthentication packets to disrupt the communication between the rogue AP and the wireless clients of the corresponding rogue AP.
Rogue AP containment is classified as:
-
Wired Rogue AP Containment: The rogue AP MAC addresses classified as Rogue on Wire on the Cisco DNA Center rogue threat dashboard.
-
Wireless Rogue AP Containment: The rogue AP MAC addresses classified as Honeypot, Interferer, or Neighbor on the Cisco DNA Center rogue threat dashboard.
Rogue AP Containment is supported on Cisco AireOS Controllers and Cisco Catalyst 9800 Series Wireless Controllers.
Note |
Containment is not supported on aWIPS threats. |