
Wireless Intrusion Prevention System (WIPS)


What is WIPS? - A wireless intrusion prevention system (WIPS) operates at the Layer 2 (data link layer) level of the Open Systems Interconnection model. A WIPS compares the MAC addresses of all wireless access points on a network against the known signatures of pre-authorized, known wireless access points and alerts an administrator when a discrepancy is found. To counter MAC address spoofing, some higher-end WIPS are able to analyze the unique radio frequency signatures that wireless devices generate and block unknown radio fingerprints.
The primary purpose of a WIPS is to prevent unauthorized network access to local area networks and other information assets by wireless devices. These systems are typically implemented as an overlay to an existing Wireless LAN infrastructure, although they may be deployed standalone to enforce no-wireless policies within an organization. Some advanced wireless infrastructure has integrated WIPS capabilities.

Large organizations with many employees are particularly vulnerable to security breaches caused by rogue access points. If an employee (trusted entity) in a location brings in an easily available wireless router, the entire network can be exposed to anyone within range of the signals.
The Challenges of Securing a Wireless Network
The growth of wireless networking and the sheer number of new mobile computing devices have blurred the traditional boundaries between trusted and untrusted networks and shifted security priorities from the network perimeter to information protection and user security. IT security concerns include rogue wireless access points creating backdoors, distributed denial-of-service (DDoS) attacks, over-the-air network reconnaissance, eavesdropping, traffic cracking, and the need to demonstrate industry compliance.
How to Implement Wireless Intrusion Detection Systems
Wireless intrusion detection systems will monitor a WLAN using a mixture of hardware and software called intrusion detection sensors. The sensor will sit on the 802.11 network and will examine all network traffic. The first challenge to be faced when installing IDS is to decide on the best place to locate the sensors.
WIPS configurations consist of three components:
· Sensors — these devices contain antennas and radios that scan the wireless spectrum for packets and are installed throughout areas to be protected.
· Management server - receives information captured by the sensors and takes appropriate defense actions based on this information.
· Database Server — the WIPS server centrally analyzes packets captured by sensors.
· Console — the console provides the primary user interface into the system for administration and reporting.
A simple intrusion detection system can be a single computer, connected to a wireless signal processing device, and antennas placed throughout the facility. For huge organizations, a Multi Network Controller provides central control of multiple WIPS servers, while for SOHO or SMB customers, all the functionality of WIPS is available in a single box.
In a WIPS implementation, users first define the operating wireless policies in the WIPS. The WIPS sensors then analyze the traffic in the air and send this information to the WIPS server. The WIPS server correlates the information, validates it against the defined policies, and classifies whether it is a threat. The administrator of the WIPS is then notified of the threat, or, if a policy has been set accordingly, the WIPS takes automatic protection measures.
WIPS is configured as either a Network Implementation or a Hosted Implementation.
Network Implementation
In a network WIPS implementation, server, sensors and the console are all placed inside a private network and are not accessible from the Internet.
Sensors communicate with the server over a private network using a private port. Since the server resides on the private network, users can access the console only from within the private network.
A network implementation is suitable for organizations where all locations are within the private network.
Hosted Implementation
In a hosted WIPS implementation, sensors are installed inside a private network. However, the server is hosted in a secure data center and is accessible on the Internet. Users can access the WIPS console from anywhere on the Internet. A hosted WIPS implementation is as secure as a network implementation because the data flow is encrypted between sensors and server, as well as between server and console. A hosted WIPS implementation requires very little configuration because the sensors are programmed to automatically look for the server on the Internet over a secure TLS connection.
For a large organization with locations that are not a part of a private network, a hosted WIPS implementation simplifies deployment significantly because sensors connect to the Server over the Internet without requiring any special configuration. Additionally, the Console can be accessed securely from anywhere on the Internet.
Hosted WIPS implementations are available in an on-demand, subscription-based software as a service model. Hosted implementations may be appropriate for organizations looking to fulfill the minimum scanning requirements of PCI DSS (Payment Card Industry Data Security Standard).
The facets of a WIPS
A robust WIPS solution must cover three key areas: detection, classification and prevention:
Detection covers the ability to discover all Wi-Fi devices, both infrastructure (APs) and clients, such as smart phones, tablets and laptops.
Classification is the ability to quickly and accurately classify each AP and client device as being authorized (on the monitored network and not malicious), external (not on the monitored network such as a neighbouring café or retail Wi-Fi hotspot network), or potentially harmful (on the monitored network and malicious).
Prevention is the ability to immediately quarantine any rogue client device or access point to prevent malicious activity before it occurs.
The challenge of dense environments
For example, in a crowded inner-city environment, there can be dozens of businesses all broadcasting Wi-Fi within the same location. It is important that each business is able to manage the security of its Wi-Fi network without interfering with the service of its neighbours. Interfering with a neighbour's Wi-Fi network is not only inconvenient for that business owner, it is also illegal.
For this reason, it is critical for a WIPS solution to be able to not only find all client devices and access points in a business's airspace, but also to know the difference between truly rogue devices or APs and neighbouring (or external) devices or APs. Without confidence in the classification aspect of WIPS, it is impossible to activate the prevention aspect of the tool.
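The server-side flow described above (sensors report, the server correlates and classifies, and prevention is gated on the classification) can be sketched as follows. This is an added example, not code from any WIPS product. The BSSIDs, SSIDs, sensor names and the `on_wired_lan` flag are constructed, and treating "unknown AP seen on the monitored LAN" as the rogue case is an assumption drawn from the three classes listed above.

```python
from dataclasses import dataclass

# Constructed policy for illustration: BSSIDs of pre-authorized access points.
AUTHORIZED_BSSIDS = {"02:00:00:aa:00:01", "02:00:00:aa:00:02"}


@dataclass(frozen=True)
class Observation:
    sensor: str          # which sensor heard the AP
    bssid: str           # AP MAC address as seen over the air
    ssid: str
    on_wired_lan: bool   # assumption: sensor saw this AP bridging to the monitored LAN


def classify(observations):
    """Correlate per-sensor reports by BSSID, then label each AP."""
    wired = {}
    for obs in observations:
        bssid = obs.bssid.lower()
        # One sensor proving wired connectivity marks the AP as on-network.
        wired[bssid] = wired.get(bssid, False) or obs.on_wired_lan

    labels = {}
    for bssid, is_wired in wired.items():
        if bssid in AUTHORIZED_BSSIDS:
            labels[bssid] = "authorized"
        elif is_wired:
            labels[bssid] = "rogue"      # unknown AP attached to the monitored network
        else:
            labels[bssid] = "external"   # neighbour's AP: report it, never act on it
    return labels


def prevention_targets(labels):
    """Automatic prevention is allowed only for APs classified as rogue."""
    return sorted(b for b, label in labels.items() if label == "rogue")


# Constructed sensor reports (not real captures).
SAMPLE = [
    Observation("sensor-1", "02:00:00:AA:00:01", "corp-wlan", True),
    Observation("sensor-1", "02:00:00:bb:00:09", "cafe-guest", False),
    Observation("sensor-1", "02:00:00:cc:00:07", "linksys", False),
    Observation("sensor-2", "02:00:00:cc:00:07", "linksys", True),
]

if __name__ == "__main__":
    labels = classify(SAMPLE)
    for bssid, label in sorted(labels.items()):
        print(bssid, label)
    print("prevention allowed for:", prevention_targets(labels))
```

With only sensor-1's reports the third AP would be labelled external; it becomes rogue once sensor-2's report is correlated on the server. Because the lookup keys on BSSID alone, an AP spoofing an authorized MAC address would be labelled authorized, which is the gap the radio-frequency fingerprinting mentioned at the top of the article addresses.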