Skip to content

Page permalink

Always use the following permalink when referencing this page. It will remain unchanged in future help versions.

https://docs.sophos.com/nsg/sophos-firewall/19.5/Help/en-us/webhelp/onlinehelp/index.html?contextId=wireless-scan-rogue-access-points

Rogue access point scan

A rogue access point refers to any access point connected to your network without authorization. Attackers can use rogue access points for traffic sniffing and other purposes such as man-in-the-middle attacks. You can mitigate these threats by scanning nearby access points and marking unauthorized access points as rogue access points.

Note

Rogue AP scan is available only on Sophos Firewall devices with integrated Wi-Fi.

Scan for rogue access points

To scan your network for unauthorized access points and mark them, do as follows.

  1. Go to Wireless > Rogue AP scan.

  2. Under Scan results, click Scan now.

    Note

    Client devices are disconnected for a short time during the scan.

    All detected access points appear under Unrecognized access points.

  3. Take one of the following actions:

    • To authorize an access point, click Mark as "authorized access point" Button for authorizing access points..
    • To mark an access point as a rogue access point, click Mark as "rogue access point" Button for authorizing access points..

Schedule rogue access point scan

To schedule scanning for rogue access points, do as follows:

  1. Go to Wireless > Rogue AP scan.
  2. Under General settings, click Schedule system-triggered scan at.
  3. Select a schedule from the drop-down menu or create a new schedule.
  4. Click Apply.