Configure RAPIDS

Aruba Central RAPIDS allow users to configure RAPIDS rules to customize classification. Users can configure a predefined set of classification criteria at the global level to determine the classification of a neighboring AP.

To enable RAPIDS, click the Config icon in Manage > Security > RAPIDS and enable the Enable RAPIDS toggle button.

The Enable RAPIDS page displays the default classification rules in a table:

Table 1: Classification Rules

Field	Description
Name	Name of the rule created.
Classification	Classification of the detected AP: Rogue Neighbor Suspect Rogue
Enabled	Status of the rogue detected.

The default classification rules that are already configured and visible in the table are as follows:

• Suspected AP On-Prem—This rule detects an AP with a signal strength greater than -50 dBm Decibel-Milliwatts. dBm is a logarithmic measurement (integer) that is typically used in place of mW to represent receive-power level. AMP normalizes all signals to dBm, so that it is easy to evaluate performance between various vendors.. To have such a high signal strength, the AP must either be:

  • Very close to the network
  • On the network premises for it to have such high signal strength

  Hence, the classification results into a suspected rogue.

• Hotspot Hotspot refers to a WLAN node that provides Internet connection and virtual private network (VPN) access from a given location. A business traveler, for example, with a laptop equipped for Wi-Fi can look up a local hotspot, contact it, and get connected through its network to reach the Internet. Demotion—This rule detects a rogue device when a wireless BSSID Basic Service Set Identifier. The BSSID identifies a particular BSS within an area. In infrastructure BSS networks, the BSSID is the MAC address of the AP. In independent BSS or ad hoc networks, the BSSID is generated randomly. identifies simultaneously as a wireless client and neighbor AP. The classification results into a suspected rogue.

• Detected on the wire—This rule detects a rogue device when a wireless BSSID matches a wired MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. address reported from one of the managed switches is the network. The classification results into a rogue.

You can reorder the rules in the table by dragging it up or down. AP classification checks the rules, starting from the top of the table. When a match is found at any point then, that becomes the resulting classification of the monitored AP. RAPIDS then pushes the final classification back to the Virtual Controller or the AP providing the user a consistent classification value across the network.

Customize the Classification Rules table as follows:

• To select the required columns, click the icon o select the required columns.
• Click Reset to default to reset the table to the default columns.
• To autofit the columns, click the icon and select Autofit columns.
• To delete or edit the rule, hover over the classification rule and click the or icon respectively.

For more information, see the following topic:

• Configuring a New Rule