ZyXEL Communications NWA-3550, NWA-3500 Rogue AP Detection, 15.1 Overview

Rogue AP Detection

15.1 Overview

This chapter discusses rogue wireless access points and how to configure the NWA’s rogue AP detection feature.

Rogue APs are wireless access points operating in a network’s coverage area that are not under the control of the network’s administrators, and can open up holes in a network’s security. Attackers can take advantage of a rogue AP’s weaker (or non-existent) security to gain access to the network, or set up their own rogue APs in order to capture information from wireless clients. If a scan reveals a rogue AP, you can use commercially-available software to physically locate it.

Note that it is not necessary for a network to have a legitimate wireless LAN component for rogue APs to open the network to an attacker. In this case, any AP detected can be classified as rogue.

Figure 113 Rogue AP Example

In the example above, a corporate network’s security is compromised by a rogue AP (R) set up by an employee at his workstation in order to allow him to connect his notebook computer wirelessly (A). The company’s legitimate wireless network

	179
NWA-3500/NWA-3550 User’s Guide	179