Submit a ticketCall us

AnnouncementsCome see SolarWinds at VMUG Frankfurt

SolarWinds is delighted to attend the upcoming VMUG which will take place at Kap Europa in Frankfurt on June 19th, 2018.

See event details.

Home > Success Center > Network Performance Monitor (NPM) > What are rogue Access Points (AP)

What are rogue Access Points (AP)

Table of contents

Updated May 10, 2017


This article provides information on rogue Access Points (AP). 



Orion Platform version 2012.0


A rogue AP is a wireless access point that has gained access to a secure enterprise network without an explicit authorization from the network administration team. These unauthorized rogue access points open wireless backdoors to wired networks.

The following are classifications of APs:

  • Unauthorized APs - Introduced by employees within the organization but without any detrimental intent.
  • Insecure APs - Bypass network security owing to airspace proximity.  For example, a WiFi device brought by an employee.
  • Malicious APs -  Actual rogue APs that pose a security threat. Malicious APs are characterized by the following:
    • Skyjacking attack. Vulnerabilities within device access points could be used by remote attackers to convert an authorized AP into rouge by taking full control over it.
    • Planting a malicious rogue AP within the office space disguised as a trusted AP.
    • Rogue APs can also trick MAC addresses used by legitimate APs or try to mimic your own WLAN's SSID


While all of these malicious and non-malicious APs need to be monitored, it is the responsibility of the network administrator to ensure the malicious ones are contained and eliminated.

For more information, see the following THWACK discussion:








Last modified