Rogue access point scan
A rogue access point refers to any access point connected to your network without authorization. Attackers can use rogue access points for traffic sniffing and other purposes such as man-in-the-middle attacks. You can mitigate these threats by scanning nearby access points and marking unauthorized access points as rogue access points.
Note
Rogue AP scan is available only on Sophos Firewall devices with integrated Wi-Fi.
Scan for rogue access points
To scan your network for unauthorized access points and mark them, do as follows.
- Go to Wireless > Rogue AP scan.
-
Under Scan results, click Scan now.
Note
Client devices are disconnected for a short time during the scan.
All detected access points appear under Unrecognized access points.
-
Take one of the following actions:
- To authorize an access point, click Mark as "authorized access point" .
- To mark an access point as a rogue access point, click Mark as "rogue access point" .
Schedule rogue access point scan
To schedule scanning for rogue access points, do as follows:
- Go to Wireless > Rogue AP scan.
- Under General settings, click Schedule system-triggered scan at.
- Select a schedule from the drop-down menu or create a new schedule.
- Click Apply.