WIPS Summary

The WIPS (Wireless Intrusion Protection System) provides continuous protection against wireless threats and acts as an additional layer of security complementing wireless VPNs and existing encryption and authentication policies. Controllers and service platforms support WIPS through the use of dedicated sensor devices, designed to actively detect and locate unauthorized AP devices. After detection, they use mitigation techniques to block devices using manual termination, air lock down or port suppression.

The WIPS Summary screen lists RF Domains residing in the system and reports the number of unauthorized and interfering devices contributing to the potential poor performance of the RF Domain‘s network traffic. Additionally, the number of WIPS events reported by each RF Domain is also listed to help an administrator better mitigate risks to the network.

To review and assess the impact of rogue and interfering APs, as well as the occurrence of WIPS events within the managed system:

  1. Select the Statistics menu from the Web UI.
  2. Select the System node from the left navigation pane.
  3. Select WIPS Summary from the left-hand side of the UI.
    Click to expand in new window
    GUID-FD35B8FE-1823-43BA-8981-D749D6848DBF-low.png
  4. Refer to the following WIPS data reported for each RF Domain in the system:
    RF Domain Lists the RF Domain within the system reporting rogue and interfering AP event counts. Use this information to assess whether a particular RF Domain is reporting an excessive number of events or a large number of potentially invasive rogue APs versus the other RF Domains within the controller, service platform or AP managed system.
    Number of Rogue APs Displays the number of unsanctioned devices in each listed RF Domain. Unsanctioned devices are those devices detected within the listed RF Domain, but have not been deployed by a administrator as a known and approved controller, service platform or AP managed device.
    Number of Interfering APs Displays the number of devices exceeding the interference threshold in each listed RF Domain. Each RF Domain utilizes a WIPS policy with a set interference threshold (from -100 to -10 dBm). When a device exceeds this noise value, it is defined as an interfering access point capable of disrupting the signal quality of other sanctioned devices operating below an approved RSSI maximum value.
    Number of WIPS Events Lists the number of devices triggering a WIPS event within each listed RF Domain. Each RF Domain utilizes a WIPS policy where excessive, MU and AP events can have their individual values set for event generation. An administrator can enable or disable the filtering of each listed event and set the thresholds required for the generation of the event notification and filtering action.
  5. Select the WIPS Report button to launch a sub-screen to filter how WIPS reports are generated for the system.
    Click to expand in new window
    GUID-8C3357F5-7761-4EDF-B6F2-C642670301D1-low.png
  6. Select one of the following options to refine event reporting to a specific type of WIPS activity.
    • Only Rogue APs
    • Only Interferer APs
    • All APs
  7. Click Generate Report to compile and archive the results of the query.
  8. Click Refresh to update the screen‘s statistics counters to their latest values.