You are probably asking yourself, why!? Or perhaps, you did not know you could add access points in “Monitor” mode only. So, let’s deep dive this design consideration and why you as a Wireless Admin may want to consider deploying monitor access points in your WLAN.
We all seen the access point and client rogue alerts, signature attacks, (IDS, IPS) and other environment events on the WLC and WCS dashboard. Do you know how these alerts are gathered? This function is
part of RRM (Radio Resource Monitoring/Management) Lets look how…
Cisco Unified (Lightweight) access points go off-line and conduct scans in the environment. Much like if you had a sniffer, in the area of the access point conducting the scan on your laptop. During these scans the information gathered is sent to the WLC where this information is processed and displayed. But here is the problem.
Cisco Unified (Lightweight) access points only spends 0.2% off-channel scanning. Further more, the access point will only spend 60ms during EACH scan (10ms to switch channels and 50ms to scan the actual channel). This activity is distributed across your WLAN so that adjacent access points are not scanning at the same time.
Note: In the presence of voice traffic (in the last 100 ms), the access points defer off-channel measurements.
I’ve completed specific testing with no monitor access points deployed in large enterprise environments, only using existing access points with default RRM monitoring enabled.
I conducted testing where I deployed a (1/6) access point ratio. By this I mean for every 6 production access points I would add (1) access point in monitor mode and found a 5% increase on average of environment information. The reason for this increase is simple. Access points that are only on a channel for short intervals can not see every packet, while access points that are on channel can see far greater more packets.
Additionally, Cisco unified access point modes include more then just monitor. It includes rouge detector and sniffer modes. Allowing you to leverage your monitor access points in more ways then one.
In closing, you may want to consider deploying monitor access points in your design.