Rogue Access Points have emerged as one of the most serious and insidious threats to wireless security. In general terms, an access point is considered rogue when it has not been authorized for use on a network. The convenience, affordability and availability of non-secure access points, and the ease with which they can be added to a network creates a easy environment for introducing rogue access points. Specifically, the real threat emerges in a number of different ways, including unintentional and unwitting connections to the rogue device, transmission of sensitive data over non-secure channels, and unwanted access to LAN resources. So while this doesn't represent a deficiency in the security of a specific wireless device, it is a weakness to the overall security of wireless networks.
The security appliance can alleviate this weakness by recognizing rogue access points potentially attempting to gain access to your network. It accomplishes this in two ways: active scanning for access points on all 802.11a, 802.11g, and 802.11n channels, and passive scanning (while in Access Point mode) for beaconing access points on a single channel of operation.
Check the Enable Rogue Access Point Detection box to specify the rogue access point detection method. The Authorized Access Points menu allows you to specify All Authorized Access Points, Create new MAC Address Object Group, or Select an Address Object Group.
The Authorized Access Points menu allows you to specify which access points the SonicWall security appliance will considered authorized when it performs a scan. You can select All Authorized Access Points to allow all SonicPoints, or you can select Create new MAC Address Object Group to create an address object group containing a group of MAC address to limit the list to only those SonicPoints whose MAC addresses are contained in the address object group.
Select Create Address Object Group to add a new group of MAC address objects to the list.