Many Wi-Fi vendors have integrated dedicated wireless intrusion prevention systems (WIPS) directly into their 802.11n systems. Cisco, for example, recently released an application called Adaptive Wireless IPS integrated with a multifaceted attack correlation system in its Wireless Control System (WCS) network management and security policy platform.
The adaptive WIPS allows enterprises to use Cisco’s new indoor Aironet 1140 802.11n access points (AP) as dedicated, full-time security sensors. Sensors pass detection information to Cisco WLAN Controllers (WLC), which pass it to the company's Mobility Services Engine MSE appliance(s) for storage then up to the WCS for correlation and action.
Scott Pope, Cisco senior manager of wireless security product management, says, “We are advising customers to not cut corners on security. So we’re sucking the cost out of it” by integrating security intelligence and forensics with the WCS.
“We’re the only show in town with a breadth of detection integrated all the way up to the management workflow” level, he says.
A few years ago, some 802.11 vendors offered integrated WIPS whereby APs worked double-duty as data forwarding device and scanner. Such systems are still available. In a perfect world, sensors fully dedicated to scanning are far more effective, notes Paul DeBeasi, senior analyst at The Burton Group. But they’re not always perceived as affordable, he adds.
Since 2002, the market for third-party dedicated sensor overlay systems has been shrinking, DeBeasi says. Some 802.11 systems vendors have acquired stand-alone WIPS appliance and sensor makers and are busy integrating them into their WLANs. Most notable: Motorola acquired WIPS market leader AirDefense, and Aruba Networks acquired Network Chemistry.
Third-party WIPS vendors still standing are AirTight Networks and AirMagnet, which also provides performance monitoring and site survey capabilities with its products.
These shifts in the WIPS industry beg some questions. Is shared data forwarding/scanning good enough? If you want dedicated scanning, what are the technical and financial pros and cons of using your Wi-Fi systems provider vs. a third-party overlay? We’ll delve into these questions in the next newsletter.