Q: How can I protect my network from rogue access points? - Kent, N.J.A: Historically, the only way to detect rogue access points was through manual scans. By this we mean having your IT staff manually walk through your premises using a software stack, or specialized device, to detect these security threats. Naturally, this is a costly and time-consuming process. In addition, it is not always effective - employees often find out when scans are taking place and unplug their devices to avoid detection.\u00a0Some vendors have introduced specialized products to address the problem of rogue access points, particularly in traditional peer-to-peer wireless LAN (WLAN) implementations where no such security exists. These work by creating an overlay network of "rogue sniffers\u201d that are responsible for monitoring a WLAN infrastructure to detect unauthorized activity.\u00a0 This provides a good fix for rogue detection, but can be costly to implement and not always tied in with the WLAN itself.\u00a0Other WLAN systems have addressed this problem by building rogue detection capabilities into the access points themselves, combining traffic delivery and intrusion detection in a single infrastructure. With minimal impact on performance, this method provides the best rogue detection visibility into the network with the lowest impact on capital expenditures.Note, however, that merely seeing the presence of an unauthorized access point does not necessarily mean it is a security threat.\u00a0 For instance, there is a difference between an unauthorized access point connected by an employee and an access point in a neighboring building, or a coffee shop across the street.\u00a0A WLAN system should provide tools to make accurate decisions as to what a \u201crogue\u201d really is, with special attention paid to minimizing \u201cfalse positives.\u201d For example, it should identify whether the rogue device is physically connected to your wired network or if it is outside your domain. In addition, it should provide trending information to help paint a complete picture of rogue activity over time.\u00a0 As always, information is key to accurate analysis.But you asked about rogue protection, not just rogue detection. Once a rogue device is identified, how do you prevent it from doing harm?\u00a0 It is time-consuming to mobilize the troops in order to track down and unplug a rogue device.\u00a0 Furthermore, by the time the rogue device is finally found and unplugged, the damage could already have been done.\u00a0 As a result, some wireless LAN systems offer what is commonly called \u201crogue containment,\u201d whereby clients can be prevented from effectively using any device identified as a rogue access point.\u00a0 This makes rogue protection immediate and effective, giving IT staff the time to take physical action.