Skip to main content

Wireless Intrusion Prevention System (WIPS)


What is WIPS? - A wireless intrusion prevention system (WIPS) operates at the Layer 2 (data link layer) level of the Open Systems Interconnection model. A WIPS compares the MAC addresses of all wireless access points on a network against the known signatures of pre-authorized, known wireless access points and alerts an administrator when a discrepancy is found. To circumvent MAC address spoofing, some higher-end WIPS are able to analyze the unique radio frequency signatures that wireless devices generate and block unknown radio fingerprints.
The primary purpose of a WIPS is to prevent unauthorized network access to local area networks and other information assets by wireless devices. These systems are typically implemented as an overlay to an existing Wireless LAN infrastructure, although they may be deployed standalone to enforce no-wireless policies within an organization. Some advanced wireless infrastructure has integrated WIPS capabilities.

Large organizations with many employees are particularly vulnerable to security breaches caused by rogue access points. If an employee (trusted entity) in a location brings in an easily available wireless router, the entire network can be exposed to anyone within range of the signals.
The Challenges of Securing a Wireless Network
The growth of wireless networking and the sheer number of new mobile computing devices have blurred the traditional boundaries between trusted and untrusted networks and shifted security priorities from the network perimeter to information protection and user security. IT security concerns include rogue wireless access points creating backdoors, distributed denial-of-service (DDoS) attacks, over-the-air network reconnaissance, eavesdropping, traffic cracking, and the need to demonstrate industry compliance.
How to Implement Wireless Intrusion Detection Systems
Wireless intrusion detection systems will monitor a WLAN using a mixture of hardware and software called intrusion detection sensors. The sensor will sit on the 802.11 network and will examine all network traffic. The first challenge to be faced when installing IDS is to decide on the best place to locate the sensors.
WIPS configurations consist of three components:
·         Sensors — these devices contain antennas and radios that scan the wireless spectrum for packets and are installed throughout areas to be protected.
·         Management server - receives information captured by the sensors and take appropriate defense actions based on this information.
·         Database Server — the WIPS server centrally analyzes packets captured by sensors.
·         Console — the console provides the primary user interface into the system for administration and reporting.
A simple intrusion detection system can be a single computer, connected to a wireless signal processing device, and antennas placed throughout the facility. For huge organizations, a Multi Network Controller provides central control of multiple WIPS servers, while for SOHO or SMB customers, all the functionality of WIPS is available in single box.
In a WIPS implementation, users first define the operating wireless policies in the WIPS. The WIPS sensors then analyze the traffic in the air and send this information to WIPS server. The WIPS server correlates the information, validates it against the defined policies, and classifies if it is a threat. The administrator of the WIPS is then notified of the threat, or, if a policy has been set accordingly, the WIPS takes automatic protection measures.
WIPS is configured as either a Network Implementation or a Hosted Implementation.
Network Implementation..
In a network WIPS implementation, server, sensors and the console are all placed inside a private network and are not accessible from the Internet.
Sensors communicate with the server over a private network using a private port. Since the server resides on the private network, users can access the console only from within the private network.
A network implementation is suitable for organizations where all locations are within the private network.
Hosted Implementation..
In a hosted WIPS implementation, sensors are installed inside a private network. However, the server is hosted in secure data center and is accessible on the Internet. Users can access the WIPS console from anywhere on the Internet. A hosted WIPS implementation is as secure as a network implementation because the data flow is encrypted between sensors and server, as well as between server and console. A hosted WIPS implementation requires very little configuration because the sensors are programmed to automatically look for the server on the Internet over a secure TLS connection.
For a large organization with locations that are not a part of a private network, a hosted WIPS implementation simplifies deployment significantly because sensors connect to the Server over the Internet without requiring any special configuration. Additionally, the Console can be accessed securely from anywhere on the Internet.
Hosted WIPS implementations are available in an on-demand, subscription-based software as a service model. Hosted implementations may be appropriate for organizations looking to fulfill the minimum scanning requirements of PCI DSS (Payment Card Industry Data Security Standard).
The facets of a WIPS
A robust WIPS solution must cover three key areas: detection, classification and prevention:
Detection covers the ability to discover all Wi-Fi devices, both infrastructure (APs) and clients, such as smart phones, tablets and laptops.
Classification is the ability to quickly and accurately classify each AP and client device as being authorized (on the monitored network and not malicious), external (not on the monitored network such as a neighbouring café or retail Wi-Fi hotspot network), or potentially harmful (on the monitored network and malicious).
Prevention is the ability to immediately quarantine any rogue client device or access point to prevent malicious activity before it occurs.
The challenge of dense environments
For example, in a crowded inner-city environment, there can be dozens of businesses all broadcasting Wi-Fi within the same location. It is important that each business is able to manage the security of its Wi-Fi network without interfering with the service of their neighbours. Interfering with a neighbour's Wi-Fi network is not only inconvenient for that business owner, it is also illegal.
For this reason, it is critical for a WIPS solution to be able to not only find all client devices and access points in a business's airspace, but to also know the difference between truly rogue devices or APs and neighbouring (or external) devices or APs. Without the confidence in the classification aspect of WIPS, it is impossible to activate the prevention aspect of the tool.
~~~~~~


Comments

Post a Comment

Popular posts from this blog

Li-Fi - A Future Connectivity !!

What is Li-Fi? Light Fidelity or  Li-Fi   is a Visible Light Communications (VLC) system running wireless communications travelling at very high speeds. Li-Fi uses common household LED (light emitting diodes) lightbulbs to enable data transfer, boasting speeds of up to 224 gigabits per second . The term Li-Fi was coined by University of Edinburgh Professor Harald Haas during a TED Talk in 2011. Haas envisioned light bulbs that could act as wireless routers. How it works? Li-Fi and Wi-Fi are quite similar as both transmit data electromagnetically. However, Wi-Fi uses radio waves while Li-Fi runs on visible light . As we now know, Li-Fi is a Visible Light Communications (VLC) system. This means that it accommodates a photo-detector to receive light signals and a signal processing element to convert the data into 'stream-able' content. Visible Spectrum An LED lightbulb is a semi-conductor light source meaning that the constant current of...
14 comments
Read more

Home Automation Why? And How ?

 What is Home Automation?  With advancement of Automation technology, life is getting simpler and easier in all aspects. In today’s world Automatic systems are being preferred over manual system. With the rapid increase in the number of users of internet over the past decade has made Internet a part and parcel of life, and IoT is the latest and emerging internet technology. Internet of things is a growing network of everyday object-from industrial M2M that can share information and complete tasks while you are busy with other activities. Wireless Home Automation system using IoT is a system that uses computers or mobile devices to control basic home functions and features automatically through internet from anywhere around the world, an automated home is sometimes called a smart home. It is meant to save the electric power and human energy.  A key feature in home automation is the ability to do tasks automatically and monitor or change status remotely. C...
19 comments
Read more

What is Machine 2 Machine (M2M)? How its work and Challenges?

Machine-to-machine communication, or M2M, is exactly as it sounds: two machines “communicating,” or exchanging data, without human interfacing or interaction. This includes serial connection, powerline connection (PLC), or wireless communications in the industrial Internet of Things (IoT). Switching over to wireless has made M2M communication much easier and enabled more applications to be connected. As businesses have realized the value of M2M, it has taken on a new name: the Internet of Things (IoT) . IoT and M2M have similar promises: to fundamentally change the way the world operates. Just like IoT, M2M allows virtually any sensor to communicate, which opens up the påossibility of systems monitoring themselves and automatically responding to changes in the environment, with a much reduced need for human involvement. M2M and IoT are almost synonymous—the exception is IoT (the newer term) typically refers to wireless communications, whereas M2M can refer to any two ma...
10 comments
Read more

Wireless Network and Wireless Technology

Wireless communication is among technology’s biggest contributions to mankind. Wireless communication involves the transmission of information over a distance without help of wires, cables or any other forms of electrical conductors. The transmitted distance can be anywhere between a few meters (for example, a television’s remote control) and thousands of kilometres (for example, radio communication). Many communication technologies are well known such as WiFi, Bluetooth, ZigBee and 2G/3G/4G cellular, but there are also several new emerging networking options such as Thread as an alternative for home automation applications, and Whitespace TV technologies being implemented in major cities for wider area IoT-based use cases. Depending on the application, factors such as range, data requirements, security and power demands and battery life will dictate the choice of one or some form of combination of technologies. These are some of the major communication technologies on o...
7 comments
Read more

The Smart Agriculture Revolution !!

The government realizes the need to bring about major changes into agriculture and incorporating the benefits of the digital revolution for better results.  The Internet of Things (IoT) is transforming the agriculture industry and enabling farmers to contend with the enormous challenges they face. The industry must overcome increasing water shortages, limited availability of lands, difficult to manage costs, while meeting the increasing consumption needs of a global population that is expected to grow by 70% by 2050. (Reference:  Food and Agriculture Organization of the United Nations ) Smart farming is a concept quickly catching on in the agricultural business. Offering high-precision crop control, useful data collection, and automated farming techniques, there are clearly many advantages a networked farm has to offer Why agriculture needs to improve? Agriculture is one of the major industries in India . It employs around 50% of the workforce and alo...
8 comments
Read more

OCPP - An EV Charging Protocol

Nowadays, the growing CO2 emissions are one of the main international issues. The world is becoming aware that the current climate issues start being critic and that something has to be done. In parallel, Earth starts running out of fossil fuels so alternative energies and alternative ways of producing energy have to be found. Driving electric vehicles would reduce the CO2 emissions and the use of fossil fuels. Types of EV Charging Protocols ·         Open Smart Charging Protocol (OSCP) ·         OpenADR 2.0 ·         Open Charge Point Interface protocol (OCPI v0.4) ·         IEEE 2030.5 (IEEE Adoption of Smart Energy Profile 2.0 / SEP2) ·         Smart charging protocols overlap ·          Op...
2 comments
Read more

Project Loon - Balloon-Powered Internet for Everyone

What is Project Loon? More than half of the world's population is still without Internet access. Project Loon is a network of balloons traveling on the edge of space, designed to extend Internet connectivity to people in rural and remote areas worldwide History  In 2008, Google considered contracting with or acquiring Space Data Corp., a company that sends balloons carrying small base stations about 20 miles (32 km) up in the air for providing connectivity to truckers and oil companies in the southern United States, but didn't do so Unofficial development on the project began in 2011 under incubation in  Google X  with a series of trial runs in  California 's  Central Valley . The project was officially announced as a Google project on 14 June 2013 The project has run its experimental pilot in New Zealand, Calafornia’s Central Valley, northeast Brazil, South Africa, Sri Lanka (in February),  as well as in I...
5 comments
Read more

Why We Need IoT (Internet of Things) ???

IoT wants to connect all potential objects to interact each other on the internet to provide secure, comfort life for human. Internet of Things (IoT) makes our world as possible as connected together. Nowadays we almost have internet infrastructure wherever and we can use it whenever. Embedded computing devices would be exposed to internet influence. Common instances for embedded computing devices are MP3 players, MRI, traffic lights, microwave ovens, washing machines and dishwashers, GPS even heart monitoring implants or biochip and etc. IoT trys to establish advanced connectivity (with the aid of internet) among these mentioned device or systems or services in order to little by little makes automation in all areas. Image that all thing are connected to gather and all information would be interacted to each other over standard and different protocol domain and applications. In a nutshell IoT wants to connect all potential objects to interact each ot...
1 comment
Read more

HaLow - Future Of WiFi....

What is HaLow? There's a new wireless networking protocol in town and it comes to bring connectivity to the Internet of Things. Wi-Fi HaLow (pronounced "HAY-low") is a marketing name used for products that utilize the IEEE   802.11ah   wireless technology, which offers longer range and lower power connectivity than traditional WiFi -certified products. Wi-Fi HaLow is the latest specification from the Wi-Fi Alliance looking to expand the range of Wi-Fi's connectivity options.  Wi-Fi HaLow will be able to easily work through walls and large barriers because of the propagation capabilities of low-frequency radio waves, as it will operate in the unlicensed wireless spectrum below 1GHz. HaLow’s range will be nearly double the range of today's Wi-Fi, with estimates extending as high as a whopping 3,280 feet.   HaLow is designed for the Internet of Things , designed to connect multiple devices wirelessly, over extended distances and using lower power...
2 comments
Read more

Pokémon Go is getting Indian youth to do what their parents never could .....

What is Pokemon Go? Pokemon Go is a mobile-phone game based on Pokemon cartoon characters and augmented reality. Augmented reality refers to a real-time representation of any actual physical environment with certain elements that are highlighted or modified. In other words, a view of any real world environment onscreen with certain modifications. Developed by Niantic labs , this technology was released on 6 July on Android and iOS in selected countries . Pokemon Go players have to move around in the physical world to catch Pokemon, join gyms and battle with other players. Just as in the animation series. Pokémon Go is getting Indian youth to do what their parents never could.... Young Indians are visiting temples more frequently—but not due to religious reasons. The hit game Pokémon Go is drawing youngsters in India to visit temples as many “pokéstops,” or locations where you can find Pokémon, are located inside these places of worship. Pokémon Go is an ...
3 comments
Read more