Wireless Intrusion Protection System (WIPS)
An 802.11 network is open and borderless, making it vulnerable to attack (e.g., rogue APs, unauthorized clients, DoS attacks). The Wireless Intrusion Protection System (WIPS) application monitors the wireless radio spectrum for the presence of unsafe access points and clients, and can take countermeasures to mitigate the impact of foreign intrusions. WIPS provides an overview of wireless network threats/intrusions for Stellar APs, and enables users to set up policies to detect threats and take countermeasures.
The WIPS Summary screen provides an overview of network threats and intrusions for Stellar APs, including Rogue APs and Blocklisted Clients, as well as network attacks over the selected monitoring period. To access the WIPS Summary screen, click on Wireless > WIPS > Summary under the “Configure” section of the OmniVista Cirrus Menu.
Rogue AP/Clients and Blocklist Clients
Click on the Rogue AP/Clients and Blocklist Clients tab on the WIPS Summary screen to display the following:
An overview of detected Rogue APs and Clients
An overview of clients that have been automatically and manually added to the Blocklist.
Top N Attacks
Click on the Top N Attacks tab on the WIPS Summary screen to view a list of attacks from foreign APs and Clients,
Click on Settings to configure the number of attacks to display (Top 5, 10, 20).
WIPS Views and Policies
In addition to the overview provided on the WIPS Summary screen, you can view detailed information on intrusive APs and wireless attacks, and create policies to detect and react to the attacks. Detailed views and policies are configured using the following links under the WIPS application (Configure > Wireless > WIPS):
Policy - Define rules for classifying rogue AP/wireless attacks and specify the measures that will be taken to react to the threats.
Intrusive Access Points - Display detailed information about interfering APs and rogue APs, as well as clients connecting to the intrusive AP.
Wireless Attacks - Display detailed wireless attack information.