Thought Leadership Summit
Wi-Fi Security: Intrusion Detection and Prevention

Questions and Discussions Below

Some enterprises contend that if they have all their wired security bases covered, wireless intruders won't be able to access their private network resources. They cite this as a reason not to invest in WIPS.

What's your security argument against this position?

What are the primary threats that WIPS offerings should be able to mitigate?
What are the tradeoffs, functional or monetary, for using dedicated WIPS sensors versus a WLAN AP doing double duty as both AP and security sensor?
Is there a rule of thumb for the ratio of sensors to APs needed to accurately scan an enterprise's air space?
What if I have a no-wireless policy in my enterprise - how many sensors will I need then?


Let's say I had a 300-AP wireless LAN environment in my company.

What would be the bottom line list price of a WIPS solution from your company?
What are the next technology, management, and security advances that enterprises can look forward to for WIPS?
Could each of you provide a basic overview about your prevention capabilities?

For example, how do each of you perform wireless containment/quarantine, and how many devices can you block simultaneously?
To what extent do your (or any) products do reactive and/or proactive jamming to prevent the use of unauthorized access points?

I'm thinking of two scenarios.  In the first (reactive), the WIPS detects a rogue device and then starts sending out "jamming" traffic so it renders the rogue point useless until you have the opportunity to physically track down the device and disable it.

In the second (proactive), you send a "jamming signal" on all unused frequencies within the area so that a rogue point can't get a signal out.
Please describe your product's approach to determining and mapping the location of potential rogues and attackers, including historical vs. real-time tracking, minimum sensor/AP requirements to enable locationing, and typical accuracy.
There's been a bit of discussion in the press recently about "virtual Wi-Fi adapters" being embedded in operating systems (such as the new Windows 7 and Mac OS) and in mobile handsets.

What, if any, threat do these "soft APs" pose? And do the threats differ in any way from a typical, unauthorized hardware AP? If so, how?

Thanks in advance!

Summit Sponsors