Add a classification of "External" to the Rogue AP Actions. The reason is that we want to designate third party access points which are not approved for use, but which are not rogue (i.e. connected to our network without authorization) as External.
Sophos should then develop a set of features we can implement by policy to take action. An example would be a policy that prevents authorized devices from connecting to Rogue or External access points.