Practices to block Wifi SSIDs in datacentres

Q1:
Is it a common industry practice to disallow/jam Wifi SSIDs in datacenters ?

If so, what are the reasons?  Do provide links to white papers or authoritative sources:
I can think of data loss/leakage or I've seen a case where a SysAdmin insert a 4G
dongle into the server to bypass firewall so that he could download patches directly.


Q2:
Can list the common industry tools used to block Wifi SSIDs in datacenters?
sunhuxAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

btanExec ConsultantCommented:
Q1. Not a common practice. May be seen as non legit too.
https://forums.ruckuswireless.com/ruckuswireless/topics/blocking_rogue_ssids

But I would see that if WIFI is allowed and setup, it will be managed with oversight deploying a WIDS (or normally Wireless LAN Controller) to deter rogue Access Point and the EAP TLS network access control to kick out unauthorised machine. Seldom you will have WIFI setup in DC and even so it is isolated to specific zone. Wired and WIFI are segregated segment. The signal of WIFI will also be adjusted such that it is not all reachability unless there is a direct line of sight, signal are generally attenuated to restricted distance. There would be walk about to check on signal spectrum power and even adopt a Faraday approach with  physical walls that contain the signal leak.

Q2. I see it more of detect and block out rogue AP instead. You don't really jam SSID per se. If you have "contained" the Rogue AP then the WLC will send a flood of de-authenticate packet to the rogue AP.  This will cause the AP to stop associating client and any existing client will get de-authenticated. Consider having a policy to enforce users no to bring in their own AP is what you need.

Possible WLC candidate include Cisco
https://supportforums.cisco.com/t5/getting-started-with-wireless/how-to-jam-rogue-aps/td-p/1619333
1

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Wireless Hardware

From novice to tech pro — start learning today.