LANSWEEPER USE CASE
Rogue Device Detection
Instantly Detect Unknown & Rogue Devices on your Network
The Rise of Rogue IT
Shadow IT, Bring-Your-Own-Device (BYOD), and IoT are an inevitable component of modern enterprise networks. With more and more assets connecting to the corporate network, rogue cyber risks are growing fast and many of these assets may be unknown and unmanaged by IT.
As these undetected assets pose serious security and compliance risks, the ability to detect unknown, unauthorized and potential rogue devices is an essential first step in IT security. This will prevent unauthorized network access. We all know every good security program starts with an understanding of all the assets connected to the network.
Detecting Potential Rogue Devices
Ensuring that unknown devices -which are far more likely to become a rogue network device- are detected the moment they enter your organization's network is crucial.
Lansweeper’s Asset Radar continuously scans and sniffs network packets to detect unknown and potential rogue hosts. It operates in real-time, scanning unobtrusively for connected devices. No matter where and when devices join the network, Asset Radar eliminates the possibility of unnoticed transient devices that quickly connect and disconnect in between regularly planned scans. By setting up email alerts, administrators can be instantly notified about the detection of any unauthorized assets.
Classifying Rogue Device Risks
Rogue device detection management requires recognizing known devices so that you can mitigate threats posed by unknown assets. All packets discovered via Asset Radar are captured in detailed information logs.
These logs show the type of packet that was captured, as well as the retrieved information from these packets: device name, MAC, IPv4 and IPv6 addresses, as well as specific network information such as the default gateway, subnet, PingTTL, and RTT. All log entries can be individually evaluated and delivered to the active scanning queue for more in-depth analysis. This also helps you prevent rogue access points.
Pairing Passive & Active Scanning: A Win-Win Scenario
By enabling the passive Asset Radar, you can instantly detect unknown assets that may only be briefly connected to the network with our rogue device detection tool. Fast moving transient devices will be picked up and leave a trail in the log files.
Once rogue or unknown devices are detected, our active scanning methods can be selectively applied to provide more in-depth asset information. By combining passive scanning for instant rogue device detection with active scanning technology, you’ll achieve complete visibility of your entire IT environment - eliminating all blind spots. We help you take security measures to block unauthorized access from rogue devices.