Computer security, particularly network security, has become a significant concern in recent years. Network security concerns generally fall into two categories: privacy and access control. Privacy mechanisms are used on networks to prevent the publication of otherwise private information; while access control protocols are designed to prevent unauthorized access to computer networks and the information stored on computers connected to the networks. Without access control features in place, unauthorized users can access a network and steal or corrupt stored information, or disrupt operation of the network. Unauthorized access is of particular concern on networks that provide access to sensitive information, e.g., those used in enterprise environments, such as corporations or government entities.
Wireless computer networks are being increasingly deployed in commercial and institutional campus environments, and network owners and users are concerned about the security holes that they create. Controlling access to wireless data networks is more difficult than controlling access to conventional wired networks because over-the-air radio channels travel outside of buildings and campuses. Thus, to prevent unauthorized access, it isn't sufficient to simply limit physical access to the wireless connection points. In wireless local area networks (LANs), rogue (unauthorized) access points (APs) can be deployed by end users that are hard to track down and to locate. In addition, rogue (unauthorized) wireless client stations can assault networks with denial of service attacks and gain unauthorized access using stolen client station credentials, such as user IDs and passwords. Accordingly, new security techniques are needed to monitor wireless networks and identify and prevent access intrusions, and also to proactively disconnect unauthorized edge devices and client stations from the network.