Identifying an unauthorized or misconfigured wireless access using distributed endpoints

A system for identifying at least one of unauthorized and misconfigured wireless network access (APs) in a data transmission network, the system comprising: a plurality of network endpoints; a plurality of agents that are executing on the plurality of endpoints, wherein the agents are adapted so as to locate and report periodically WAPs localized WAPs to a central entity; and a central entity that is functionally able to receive information relating to localized wireless APs of the plurality of agents, that it determines whether at least a particular one of localized WAPs to be checked, and in that it initiates an active testing localized WAPs if it is determined that the specific localized WAPs must be checked wherein the central entity a) passive data for locating operations, and active data to verify operations, collected and analyzed, and b) controls the plurality of agents which are running on the plurality of end points on the basis of these results, wherein the central entity having: a receiving module, which is designed such that it receives information from one or more of the WAPs; a reporting and warning output module that is connected to the receiving module; a database that is connected to the receiving module and the reporting and warning output module, a control module that is connected to the database and wherein the control module is functionally capable prescribed to apply rules stored in the database to determine a configuration status of an observed WAP to determine whether the observed WAP should at least be checked by one of the plurality of network endpoints.