The Wireless Intrusion Protection System (WIPS) provides continuous protection against wireless threats and acts as an additional layer of security complementing VPNs and encryption and authentication policies. WIPS is supported through the use of dedicated sensor devices (access point radios) designed to detect and locate unauthorized devices. After detection, unauthorized devices are blocked by manual termination or air lockdown.
Unauthorized APs are untrusted access points connected to a LAN that accept client associations. They can be deployed for illegal wireless access to a corporate network, implanted with malicious intent by an attacker, or could just be misconfigured access points that do not adhere to corporate policies. An attacker can install an unauthorized AP with the same ESSID as the authorized WLAN, causing a nearby client to associate to it. The unauthorized AP can then steal user credentials from the client, launch a man-in-the middle attack or take control of wireless clients to launch denial-of-service attacks.
WiNG managed controllers, service platforms and access points support unauthorized AP detection, location and containment natively. A WIPS server can alternatively be deployed as a dedicated solution within a separate enclosure. A WIPS deployment provides the following enterprise class security management features and functionality:
Threat Detection - Threat detection is central to a wireless security solution. Threat detection must be robust enough to correctly detect threats and swiftly help protect a controller, service platform or access point managed network.
Rogue Detection and Segregation - WIPS distinguishes itself by both identifying and categorizing nearby access points. WIPS identifies threatening versus non-threatening access points by segregating access points attached to the network (unauthorized APs) from those not attached to the network (neighboring access points). The correct classification of potential threats is critical in order for administrators to act promptly against rogues and not invest in a manual search of neighboring access points to isolate the few attached to the network.
Locationing - Administrators can define the location of wireless clients as they move throughout a site. This allows for the removal of potential rogues though the identification and removal of their connected access points.
WEP Cloaking - WEP Cloaking protects organizations using the Wired Equivalent Privacy (WEP) security standard to protect networks from common attempts used to crack encryption keys. There are several freeware WEP cracking tools available and 23 known attacks against the original 802.11 encryption standard; even 128-bit WEP keys take only minutes to crack. WEP Cloaking module enables organizations to operate WEP encrypted networks securely and to preserve their existing investment in mobile devices.