Home
Support

Cisco Catalyst Center Rogue Management and aWIPS Application Quick Start Guide, Release 3.1.x

View all Saved Content

PDF

Is this helpful?

Helpful Unhelpful

Feedback

Thank you for your feedback. Your response has been recorded.

Ask about this document

Cisco Configuration Guide, Release 4.2

Table of contents

Expand all sections

About this document

Catalyst Center Rogue Management and aWIPS Application

Introduction to the Rogue Management and aWIPS application
About Rogue Management
About Advanced Wireless Intrusion Prevention System
Scale information
Basic setup workflow

Install Catalyst Center Rogue Management Application Package

Application management
Download and Install the Rogue Management and aWIPS application package

Monitor the Rogue and aWIPS Dashboard

Access the Rogue Management and aWIPS application
Monitor the Rogue Management and aWIPS dashboard
Monitor network rogue threats
Get rogue AP and rogue client details from the Threat 360° view
Download aWIPS profile forensic capture from the Threat 360° view
Deploy your device configurations now or later
Preview and deploy your device configurations

aWIPS Profiles

About aWIPS profiles
Create an aWIPS profile configuration workflow
View an aWIPS profile
Assign an aWIPS profile to the network device
Edit an aWIPS profile
Delete an aWIPS profile
Enable or disable aWIPS or aWIPS forensic capture

Rogue AP Containment on Wired and Wireless Networks

Rogue AP Containment overview
Wired rogue AP containment
Wireless Rogue AP Containment
Cisco Rogue AP Containment Actions Compatibility Matrix
View tasks and audit logs of rogue AP containment type

Custom Classification of Rogue APs

About the allowed list workflow
Set up the allowed list workflow
About custom rogue rule creation
Edit a rogue rule
Delete a rogue rule
Create a custom rogue rule
About rogue rule profiles
Edit a rogue rule profile
Delete a rogue rule profile
Create a rogue rule profile
View the allowed access points list
About the allowed vendor list
View vendor rule list information
Edit a vendor rule
Delete a vendor rule
Create a list of allowed vendors

Rogue and aWIPS Event Notifications

Information about the rogue and aWIPS event notifications

Introduction to the Rogue Management and aWIPS application

Updated: December 15, 2025

Want to summarize with AI?

Overview

Introduction to the Rogue Management and aWIPS application short desc. NetFlow creates flow records by monitoring network traffic passing through the router. As a packet stream traverses a router interface, the packets are collected and an internal header is appended.

Note

In releases earlier than Release 2.1.2.0, Rogue Management capabilities were provisioned as a part of device controllability. After a Catalyst Center upgrade, the provisioned Rogue Management subscriptions are not automatically removed from a previously discovered Cisco Wireless Controller. Rogue Management detection might be reported inconsistently on a newly discovered wireless controller.

The Rogue Management application is an optional package for Catalyst Center. Operating within Catalyst Center. After installation, the application helps you monitor threats from unauthorized access points (APs). You can access the Rogue Management functionality as a dashboard within Cisco Catalyst Assurance in the Catalyst Center GUI.

Note

In Release 2.3.7 and later, the Rogue Management and aWIPS application package is applicable for virtual appliances (VAs).

Because the Cisco Advanced Wireless Intrusion Prevention System (aWIPS) is integrated with Catalyst Center, you can monitor the aWIPS signatures within the rogue and aWIPS dashboard.

This guide describes how to activate the rogue and aWIPS application package on Catalyst Center. This guide also explains prerequisites and configurations, describes how to monitor the rogue and aWIPS dashboard, and offers important notes and limitations.

Note

The provisioning actions like rogue and aWIPS subscription enable and disable are supported for IPv6 deployment.

The provisioning actions like aWIPS profile configuration and manual containment or automatic containment for wired and wireless devices are not supported for IPv6 deployment.

The Rogue Management application supports these Cisco AireOS Controller models running Cisco AireOS Release 8.8.111.0 or later:

Cisco 3504 Wireless Controller
Cisco 5520 Wireless Controller
Cisco 8540 Wireless Controller
Cisco Mobility Express

These Cisco Catalyst 9800 Series Wireless Controller models support the Rogue Management application:

Cisco Catalyst 9800 Embedded Wireless Controller for Catalyst 9300 Series Switches
Cisco Catalyst 9800-40 Wireless Controller
Cisco Catalyst 9800-80 Wireless Controller
Cisco Catalyst 9800-CL Cloud Wireless Controller
Cisco Catalyst 9800-L Wireless Controller
Cisco Embedded Wireless Controller on Catalyst Access Points

The aWIPS application supports Cisco Catalyst 9800 Series Wireless Controller Release 17.1.x and later Cisco Catalyst 9100 Series Access Points, and Cisco 802.11ac Wave 2 Aironet Access Points.

These Cisco Catalyst 9800 Series Wireless Controller models support the aWIPS application:

Cisco Catalyst 9800 Embedded Wireless Controller for Catalyst 9300 Series Switches
Cisco Catalyst 9800-40 Wireless Controller
Cisco Catalyst 9800-80 Wireless Controller
Cisco Catalyst 9800-CL Cloud Wireless Controller
Cisco Catalyst 9800-L Wireless Controller
Cisco Embedded Wireless Controller on Catalyst Access Points

Need help?

Open a support case

(Requires a Cisco Service Contract)

Introduction to the Rogue Management and aWIPS application

Overview

Need help?

Related topics