AP Scans

This topic is ONLY relevant to security gateways. It is NOT relevant to managed switches.

Overview


Figure 1. Example AP Scans Page

The AP Scans page (Fig. 1) allows you to run access point (AP) scans on and around your network to identify and review every wireless access point in your area to demonstrate PCI DSS compliance. You can set a schedule for running automated AP scans and configure related alerts. There is also a summary of AP scan results.

You must review AP scans quarterly to be PCI-compliant.

This feature is only available with Mako’s Merchant PCI services. See the PCI DSS Summary documentation for details regarding Merchant PCI services. You must have an active PCI DSS Licence in order to access Merchant PCI services.

AP Scan Setup


Figure 2. Example AP Scan Setup Tab

The AP Scan Setup tab (Fig. 2) allows you to enable or disable AP Scanning. You have three options from which to choose: “Inherit,” “On,” and “Off.”

Enable AP Scanning: Inherit


Figure 3. Example Enable AP Scanning with “Inherit” Selected

The AP Scanning feature is set to the “Inherit” option by default (Fig. 3). This will enable or disable the feature based on the Enterprise Template(s) applied to the selected Mako. If any Enterprise Template applied to the selected Mako has AP Scanning enabled, then AP Scanning will be enabled. Otherwise, it will be disabled.

Enable AP Scanning: On


Figure 4. Example Enable AP Scanning with “On” Selected

To explicitly enable AP Scanning for the selected Mako, choose the “On” option, configure the settings that display, then click the “Save AP Scans” button (Fig. 4).

For certain Mako models, WiFi users will be disconnected from the AP during an AP scan. Use caution when enabling this feature.

Choosing the “On” option makes the following fields available:

Schedule

Set the schedule for automated AP Scanning. Choose for scans to be performed either daily at a specified time, such as 12:00 AM, or after a specified time interval, such as every 30 minutes.

Alerts

Choose whether or not to send an alert when a new AP is detected or when encryption settings are changed for a detected AP.

Enable AP Scanning: Off


Figure 5. Example Enable AP Scanning with “Off” Selected

To explicitly disable AP Scanning for the selected Mako, choose the “Off” option, then click the “Save AP Scans” button (Fig. 5).

Save Button

To save any changes you have made here, click the “Save AP Scans” button.

AP Scan Summary


Figure 6. Example AP Scan Summary Tab

The AP Scan Summary tab (Fig. 6) displays a list of detected APs for the selected Mako.

Download

Click either the “Download CSV” link or the “Download PDF” link to download the AP Scan Summary data in your desired format.

Filters

Summary Type

Use the Summary Type dropdown to filter the AP Scan Summary list by choosing a group of APs to display:

  • “All APs” – every AP that has ever been detected by an AP scan from the selected Mako
  • “Recent APs” – APs detected by the most recent AP scan from the selected Mako
  • “Missing APs” – previously detected APs that were not detected by the most recent AP scan from the selected Mako

Search

Use the Search field to filter the AP Scan Summary list by entering search text to match values in several columns.

Columns

  • SSID – identifier of the AP
  • MAC Address – physical address of the AP
  • Encryption – security type of the AP
  • Channel – WiFi channel used by the AP
  • Signal Quality – quality of the wireless signal
  • First Seen – date when the AP was first detected by an AP scan
  • Last Seen – date when the AP was last detected by an AP scan
  • SSID Age – length of time the current SSID has been in use
  • Last Reviewed – date when the AP was last reviewed for PCI compliance purposes
  • Review – current review status of the AP for PCI compliance purposes

Actions


Figure 7. Example AP Scan Summary List Bottom

Review AP

To review an AP for PCI compliance purposes, choose a status option in the Review column dropdown for the AP:

  • “Pending” – AP has not been reviewed yet; when doing a quarterly AP scan for PCI compliance, each detected AP must be reviewed to maintain PCI compliance
  • “Company SSID” – AP is connected to your network and is authorized to be there; no further action required
  • “Third Party SSID” – AP is not connected to your network and belongs to a third party; no further action required
  • “Unauthorized” – AP is connected to your network and is not authorized to be there; this status indicates that further action is needed to restore PCI compliance

After you have completed your review, click the “Save AP Scans” button below the list (Fig. 7) to save your changes.

Previous : Vulnerability Scans
SAQ : Next
Was this post helpful?
Please let us know if this helped you find answers.
Yes
No