FIG. 1 shows a typical organizational computing environment 100. In the organization (e.g., a company, a school, a government office), there are numerous local computing endpoints (e.g., desktop computers, notebook/laptop computers) 102-136. These local computing endpoints 102-136 are generally connected to a network of the organization at those points where a wired connection (e.g., a “network drop”) is available. The organization may also or alternatively provide a wireless communication infrastructure so as to allow the local computing endpoints 102-136 to wirelessly connect to the network.
The wireless communication infrastructure is built through the deployment of wireless access points (WAPs) (such organization-deployed wireless access points not shown in FIG. 1). In general, a “wireless access point” is a device to which another device (e.g., a desktop computer, a notebook/laptop computer) can wirelessly connect to access a network such as a local area network (LAN) (e.g., a network owned and managed by the organization) and/or a wide area network (WAN) (e.g., the Internet). Such communication facilitated by wireless access points allows individuals to be mobile with their respective computing devices. In other words, the individual is not limited to connecting their computing device to a network at only those points where a wired connection is available.
Given the wide availability and low cost of wireless access points, it is easy for individuals to deploy their own wireless access points within the organization. If an organization does not provide wireless access at a particular location, an individual may deploy his/her own wireless access point within range of that particular location and connect it to the organization's network. In such a manner, the individual can then wirelessly connect to the network at the previously unconnected location. Such wireless access points are referred to herein as “rogue” as they are not “sanctioned,” i.e., owned and/or managed, by the organization. In other words, while wireless access points deployed by the organization are configured in accordance with the organization's security policies, rogue wireless access points brought and deployed by individuals may not meet the organization's security requirements, thereby opening a potentially dangerous “back door” into the organization's network.
Referring again to FIG. 1, various rogue wireless access points 146, 148, 150, 152 are shown as being deployed throughout the organization. Organizations are known to take one or more of various measures to prevent security breaches resulting from network access through rogue wireless access points. For example, some organizations have policies to altogether forbid the deployment of unsanctioned wireless access points.
Another approach to prevent an organization's network from being compromised via rogue wireless access points involves jamming frequencies typically used by wireless access points. However, such jamming is counterproductive if the organization has deployed its own “sanctioned” wireless access points. Moreover, in some locales, frequency jamming is illegal.
In some cases, organizations dispatch personnel to manually inspect locations (e.g., offices) for the presence of rogue wireless access points. However, this approach is cumbersome in that the inspections have to be performed constantly. Further, especially for large organizations, this approach necessarily requires increased amounts of time and manpower.
Referring again to FIG. 1, some organizations deploy physical sensors 138, 140, 142, 144 to detect wireless network activity. In such a manner, the physical sensors 138, 140, 142, 144 can be used to detect unauthorized wireless communications. However, this approach requires the deployment of a large number of physical sensors, a number that increases commensurately as the organization grows in total space and number of locations.