Hi @bdillard Yes, any network that the AP detects which is not part of your network is considered as Rogue AP. If you are aware of that network\SSID, then you can mark it as "Known". And if you are facing issue from that SSID, then you can mark it as "Malicious" then the clients will not be able to connect to that SSID. Note: When you mark it as "Malicious" then the Ruckus APs will send the deauth using the Rogue AP's MAC, which the client thinks that the Rogue AP is sending the deauth, so there are chances that the Other network clients will also gets disconnect from that Rogue AP if the clients sees the deauth from Ruckus AP. So please plan it accordingly before marking the Rogue AP as "Mallicious"