Rogue (Personal) Wireless Access Points

Why does SJSU not allow personal (rogue) wireless access points on campus?

A rogue access point is a wireless access point that has been installed on the SJSU network without explicit authorization from SJSU Network Services.

Rogue access points on campus present several issues:

  • Security risk
  • Radio Interference with SJSU_Premier access points
  • Diminished effectiveness of the SJSU Wi-Fi, impacting service to everyone nearby

From a security perspective, a rogue access point can allow unauthorized users and devices on the SJSU network. Additionally, a rogue access point can be used by a hacker to conduct a man-in-the-middle attack and steal user information.

From a radio interference aspect, SJSU wireless access points are all linked together in order to maximize wireless channel use and radio power levels. SJSU Wi-Fi access points will communicate with each other and coordinate channel use to avoid CCI (Cross Channel Interference) and radio power levels to maximize coverage and minimize signal overlap. SJSU Wi-Fi is especially tuned to service a high number of wireless clients at high speeds. Personal access points diminish the effectiveness of the SJSU Wi-Fi in those areas, impacting Wi-Fi service to all around them.

For example, in the 2.4Ghz Wi-Fi frequency, there are only 3 useable channels (1, 6 & 11). When a rogue access point is activated, it takes up one or more of these channels, eliminating at least 33% of the usable channels. Additionally, since rogue access points do not coordinate with SJSU wireless access points, they turn their radio power all the way up and essentially 'shout' over the SJSU Wi-Fi, interfering with SJSU radio signals. This is analogous to trying to have many people in the same room shouting over each other and makes communication less efficient and less effective for everyone.

In order to service the high number of clients on campus, SJSU Network Services has been designed and optimized for high speed communications which allows the wireless clients to get on and off the air very quickly, freeing up the radio to talk to other clients. The personal access points are designed to maximize compatibilities and support many older low speed protocols (such as 802.11b) which take significant more airtime, resulting in less available airtime for other wireless devices.