What are the best methods for handling rogue APs?
First we have to define what is a “Rogue Access Point”?
There are neighbors who have AP’s that show up in your client’s Wi-Fi as accessible to join. Is that a Rogue? You have no legal right to do anything with that type of Rogue – it is outside your building and just sharing the same legal frequencies.
But an Access Point that you do not own, that is on your wired network, sharing it with others wirelessly – that type of Rogue is something you should track down and remove immediately.
You can listen in the air for the Rogue AP’s MAC address, and then look for a like MAC in your switches CAM tables, find the switch port and remove the offending device.
There are commercial tools to help with this process. If you are using Enterprise-Class Access Points, many have a built-in Wireless Detection System, and even rudimentary location tracking features to help you find the Rogue.