Blog Reduce Risk

Defending Against Wireless Piracy – WIPS for Dummies

David Coleman Director, Wireless Networking at the Office of the CTO Published 5 Apr 2021

I am happy to announce that the latest free eBook from Extreme Networks is now in print. Wireless Intrusion Prevention Systems (WIPS) for Dummies is available for download. 

Wireless Intrusion Prevention Systems (WIPS) for Dummies  book cover

Some of the topics in the book include:

  • Learning the evolution of WIPS architecture
  • Migrating WIPS to the cloud
  • Identifying all wireless security threats
  • Defending against rogue APs and devices
  • Using signature and forensic analysis
  • Understanding WIPS alarms and reports
  • Realizing that IoT is a WIPS concern
  • Best-of-breed WIPS security with Extreme AirDefense

Wi-Fi security had a bad reputation in its early years —and deservedly so. The legacy security mechanisms initially defined by the IEEE did not provide adequate authentication and data privacy that was needed in a mobility environment. To be blunt, they guarded nothing. In 2005, the Wi-Fi Alliance’s Wi-Fi Protected Access 2 (WPA2) certification addressed most of these concerns, and slowly Wi-Fi in the enterprise gained acceptance.

Businesses of all sizes deploy wireless networks for mobility and access. Wireless is nothing less than a business necessity these days. When people think of wireless networking, they tend to think only in terms of access and not in terms of attacks or intrusions. However, it also became necessary to monitor constantly for many types of wireless attacks because of the potential damage they can cause. As shown in Figure 1, the big buzz-phrase in Wi-Fi security has always been the rogue access point: a potential open and unsecured gateway straight into the entire network that the company wants to protect. A wireless rogue device can be used for data theft, data destruction, loss of services, and other attacks; all are acts of wireless piracy.

 rogue access point: a potential open and unsecured gateway straight into the entire network that the company wants to protectFigure 1 – Rogue APs – The Pirates of Wireless Networking

Although rogue APs get the most press when discussing WIPS, many other attacks are also potentially harmful. A best-of-breed enterprise WIPS solution uses a database of hundreds of threat signatures, including man-in-the-middle attacks, wireless hijacking, DoS attacks, flood attacks, and many more. All of these threats and more are discussed in the WIPS for Dummies eBook.

As various WLAN architectures evolved over the years, and WIPS solutions became integrated, many vendors provided the bare minimum of WIPS capabilities. Very often, the WLAN vendors’ WIPS solution was just enough to check a box in a request-for-proposal (RFP). Sadly, in many cases, WIPS security is now just an afterthought. Furthermore, WIPS has been taken for granted because Wi-Fi security has been enhanced. For example, the WPA2 security certification has recently been upgraded as WPA3 with more robust security mechanisms.

That being said, all the old wireless attacks still exist, and new attacks always debut. Always remember that Wi-Fi and wireless are access technologies for end-users to gain entry into the corporate network. Wi-Fi hackers and other bad guys will try to find holes in the access layer security. And it’s your job to fix the holes you can, whenever you can. As various WLAN architectures have evolved over the years, so has the architecture for WIPS solutions. Although monitoring for Wi-Fi attacks has been the primary focus, other RF technologies Bluetooth (BT) and Bluetooth Low Energy (BLE) are being used in enterprise networks. As a result, WIPS solutions are evolving to also monitor these RF technologies for threats.

In recent years, the entire networking industry has been in the middle of a paradigm shift toward cloud services for management and visibility. WIPS solutions are no exception as they transition to the cloud for all the advantages it offers such as scalability, and an unlimited data horizon. The machine learning capabilities that cloud can offer is enhancing WIPS anomaly detection and wireless threat assessments.

Although WIPS has been taken for granted in recent years, the emergence of IoT reinforces the need to put WIPS back at the forefront of any enterprise security solution. The vast majority of the 11 million new devices introduced to the Internet each day are wireless. All of these devices are potential unauthorized portals into your networks. The Wireless Intrusion Prevention Systems (WIPS) for Dummies book takes a look at all the risks (including rogue access points), the architecture and capabilities of the WIPS solutions, monitoring your networks, and implementing your solution.  After reading this book, you will agree that WIPS is more essential than ever.

Get the latest stories sent straight to your inbox!

Related Enterprise Stories