• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Without Classification, WIPS Can’t Truly “Prevent” Anything

October 18, 2016 By Jason Vendramin

classification the missing aspect of wips
Modern organizations understand that providing safe and reliable Wi-Fi is now a basic requirement for serving customers and doing business. So why do so many companies struggle with the “safe” part of Wi-Fi? The rapid proliferation of wireless networks in recent years has made it easier for cyber criminals to successfully intercept, peruse and steal data using rogue or unauthorized devices.

Wireless Intrusion Prevention Systems (WIPS) are a common wireless network security solution used to defend Wi-Fi networks against unauthorized devices, rogue access points (APs), and other threats. WIPS solutions are meant to defend airspace through detection, classification and prevention. Here’s where things get interesting.

Most WIPS out there can’t accurately classify connected devices and APs. Discovery and prevention of wireless connections in a given airspace is generally easy to do – as is identifying authorized connections. The missing puzzle piece for most WIPS is the ability to accurately distinguish between truly malicious devices or APs and neighboring (external) devices or APs in the airspace.

Without foolproof classification of connected devices and APs as either authorized, external or rogue, businesses run the risk of inadvertently shutting down innocuous neighboring devices or APs – a mistake that can result in damaged reputations and legal consequences. In fact, many companies actually downgrade their WIPS solutions to a simple wireless intrusion detection system (WIDS) to mitigate these risks. With detection as their primary function and the prevention aspect of the system turned off, most WIPS solutions can’t actually “prevent” anything or take any kind of automated action against malicious devices or APs.

Without 100% confidence in their WIPS solution’s ability to differentiate between genuinely rogue and neighboring devices or APs, businesses have to rely on manual classification of each connection in the airspace – a time-consuming and risky proposition.

For more information on unlocking the power of WIPS, read Classification – The Critical Missing Aspect of WIPS.

Visit https://www.watchguard.com/wifi to check out WatchGuard’s family of Secure Wi-Fi solutions.

Share This:

Related

Filed Under: WatchGuard Articles

Comments

  1. Gino Gori says

    March 15, 2019 at 5:52 pm

    This is so true!

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Scratching the Surface of Rhysida Ransomware
  • An Interview with ChatGPT
  • TikTok is Banned, Kind Of
  • How Not to Update Software

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • How Not to Update Software
  • Naming APTs
  • TikTok is Banned, Kind Of
  • Scratching the Surface of Rhysida Ransomware
  • An Interview with ChatGPT
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use