Submit a ticketCall us

AnnouncementsFace your biggest database issues head-on

Our new eCourse helps you navigate SQL Server performance blocks by teaching you how to recognize and deal with the three DBA Disruptors: Performance Hog, Blame Shifter, and Query Blocker. Register today to learn how to defend your environment and fend off menacing disruptions.

Register for your free eCourse.

Home > Success Center > Network Performance Monitor (NPM) > NPM - Knowledgebase Articles > What are rogue Access Points (AP)

What are rogue Access Points (AP)

Table of contents

Updated May 10, 2017


This article provides information on rogue Access Points (AP). 



Orion Platform version 2012.0


A rogue AP is a wireless access point that has gained access to a secure enterprise network without an explicit authorization from the network administration team. These unauthorized rogue access points open wireless backdoors to wired networks.

The following are classifications of APs:

  • Unauthorized APs - Introduced by employees within the organization but without any detrimental intent.
  • Insecure APs - Bypass network security owing to airspace proximity.  For example, a WiFi device brought by an employee.
  • Malicious APs -  Actual rogue APs that pose a security threat. Malicious APs are characterized by the following:
    • Skyjacking attack. Vulnerabilities within device access points could be used by remote attackers to convert an authorized AP into rouge by taking full control over it.
    • Planting a malicious rogue AP within the office space disguised as a trusted AP.
    • Rogue APs can also trick MAC addresses used by legitimate APs or try to mimic your own WLAN's SSID


While all of these malicious and non-malicious APs need to be monitored, it is the responsibility of the network administrator to ensure the malicious ones are contained and eliminated.

For more information, see the following THWACK discussion:








Last modified