What is a Rogue Device?


Netsurion's Rogue Device Manager service monitors the devices present in your "Trust Network" (the network containing your Point of Sale system), and compares what it finds to a list of known devices (the "Baseline"). 

A Rogue Device is any device that your firewall doesn't recognize that appears in the same network as your Point of Sale system. Often this is a device you purposefully connected to your network, but if not, there is cause to investigate.


Why did I receive a Rogue Device Alert, and what should I do about it?


There are three reasons you might receive a Rogue Device Alert, in order of most common to least:


  1. An existing device on your network changed its local IP address. This often happens when your "Trust Network" is configured with DHCP. This causes devices to get new local IP addresses periodically, and after every network reboot. If this is the case, one of two solutions is recommended:
    1. Convert your Trust Zone to a Static IP Configuration. This involves some cooperation between Netsurion and someone on site, as settings will need to be changed on your local devices, but it means that every device will always have the same local IP address.
    2. Netsurion can ignore IP Address changes for alerting purposes.

  2. You connected a new device to your Trust Network
    1. If the device is temporary, you can ignore the alert
    2. If the device will remain on (or frequently return to) the network, you'll want to let us know so that we can add the device to the Baseline.

  3. Someone else connected a new device to your Trust Network
    1. In this scenario, the most common answer is someone on site such as an employee or contractor connected a device (like a laptop) to the firewall in an attempt to get internet access.
    2. If you are unable to determine who connected a device to your network, we can assist you in investigating.