Defining the primary architectural approaches for today's WIPS
Author/Blog Contributor - Chia-Chee Kuan, CTO at AirMagnet
Date: July 22, 2010
Today I'd like to review the different architectural approaches for deploying WIPS solutions. As we move ahead, the debate over which approach is best for what situation will likely intensify and is thus a great topic for discussion. WIPS solutions come in three basic architecture types; they are all fundamentally very different, with a variety of pros and cons.
The first and most rudimentary WIPS architecture leverages an AP radio that services wireless clients for WIPS scanning. In this approach, a WIPS module gets a very small time slice (or RF sample) from the AP radio for security scanning. The impact of the time slice on wireless client service is designed to be minimal, allowing an organization to implement WIPS functionalities at a very low cost. The main advantage (or pro) to this approach is exactly that - low cost WIPS functionality. However, that low cost can come at a huge price. Time slicing means limited scanning, usually sampling for less than one second in each one-minute period. In layman's terms, that means the WIPS security functionality is not comprehensive and therefore compromised. Essentially, with this approach, an organization is saying, "we use a subset of non-real-time rogue AP detection features as our WIPS security framework." Because of this weakness, major WLAN infrastructure vendors have all moved away from claiming that this WIPS architecture is a good WIPS solution.
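To put numbers on that coverage gap, here is an added example (not from the original post or from any vendor) that models a scanner listening for a slice of each period. The one-second slice per minute is the post's upper bound; the 5-second event, the 11-channel round-robin and the rule that any overlap counts as observed are assumptions made for illustration.

```python
import random

def overlap_probability(slice_s, period_s, event_s):
    """Chance that an RF event of length event_s, starting at a uniformly
    random phase, overlaps a listen window of slice_s that repeats every
    period_s. Assumption: any overlap at all counts as observed."""
    return min(1.0, (slice_s + event_s) / period_s)

def worst_case_gap(slice_s, period_s, channels=1):
    """Longest time a single channel goes unobserved, assuming one slice
    per period spent round-robin across `channels` channels (hypothetical
    scheduling; real products differ)."""
    return channels * period_s - slice_s

def simulate(slice_s, period_s, event_s, trials=200_000, seed=1):
    """Monte Carlo check of overlap_probability with a fixed seed."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        start = rng.uniform(0.0, period_s)
        end = start + event_s
        # Listen windows are [0, slice) and [period, period + slice).
        if start < slice_s or end > period_s:
            hits += 1
    return hits / trials

if __name__ == "__main__":
    event_s = 5.0  # constructed sample: a 5-second transient transmission
    for name, slice_s in (("time-sliced AP radio", 1.0),
                          ("dedicated radio", 60.0)):
        p = overlap_probability(slice_s, 60.0, event_s)
        print(f"{name}: P(observe {event_s}s event) = {p:.2f}, "
              f"single-channel gap = {worst_case_gap(slice_s, 60.0)}s")
    print("time-sliced, 11 channels: gap =",
          worst_case_gap(1.0, 60.0, channels=11), "s")
```

Under these assumptions the time-sliced radio observes a 5-second event about one time in ten, while an always-listening radio has no gap on the channel it is tuned to.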
The second WIPS architecture is an integrated solution where a dedicated WIPS scanning radio is collocated in the client-serving AP. The dedicated radio eliminates the limitations associated with, or the need to use, time slicing. Essentially, it means the WIPS solution is always scanning the air. The advantage to this approach is that all WIPS functionalities can theoretically be supported with the deployed APs, which can service the wireless clients as well as fulfill the "always on" WIPS scanning functionality. However, the disadvantage is that this functionality is consolidated within a single AP that is both servicing clients and conducting WIPS scanning. That creates a single point of failure, which could be considered a violation of the layered security model and presents a security risk. This architecture also dictates that your WLAN infrastructure vendor be your WIPS vendor, due to the dual-purpose AP and collocated WIPS modules. This particular single-vendor limitation is analogous to an enterprise having to deploy a Cisco firewall, for example, because the enterprise happens to be using Cisco switches. This can also require a hefty investment.
The third WIPS architecture is an overlay solution where dedicated WIPS sensors are deployed. These dedicated WIPS sensors are completely free from serving wireless clients and also provide the "always on" WIPS functionality. The advantage to this approach is the separation between the WLAN infrastructure and the WIPS architecture. The two are implemented orthogonally, which maximizes the independence of the WIPS security solution from the WLAN infrastructure. This overlay WIPS architecture also allows an organization to independently select not only a best-of-breed WIPS solution, but also WLAN infrastructure. This independence can be very beneficial in today's diversified WLAN market, where the best suited WLAN infrastructure vendor may very well not be your best suited WIPS solution provider. An overlay solution is also the only acceptable approach if an organization has mixed WLAN infrastructure already deployed (or plans to have a mix in the future). The disadvantage to this approach is cost - extra overlaid devices (sensors) require a larger investment from an organization into their wireless security infrastructure.
In summary, there are three main WIPS architectures - (1) integrated WIPS scanning with shared AP radio, (2) integrated WIPS scanning with dedicated radio in AP device, and (3) overlay WIPS scanning with dedicated device (sensor). The level of WIPS security capabilities and business flexibility goes up from (1) to (3). The cost of WIPS equipment and deployment, however, does not necessarily end up being the highest with option (3), depending on vendors -- although in some instances, you get what you pay for. As we look at the future of WIPS solutions, they are only going to get more sophisticated, including multiple Wi-Fi radios, WIPS sensors and spectrum radios. What approach do you feel is best suited for your business?