Wireless IPS Buyer's Guide
May 03, 2012
These are the questions to ask when selecting a WIPS to rapidly and reliably detect, classify, locate, and react to incidents that impede WLAN security, performance, and operation.
- QoS and spectrum optimization: Dedicated WIPS products are growing more sophisticated when it comes to service assurance. Ask about features such as VoIP or video performance measurement, integrated spectrum analysis, and other tools intended to leverage WIPS as a distributed foundation for optimizing service delivery.
- Compliance reporting: Every WIPS can generate a slew of scheduled or on-demand reports. Ask vendors to generate reports that would be of interest to your business and then assess outputs for usability and completeness. Look for canned reports that document compliance with specific industry regulations and ability to export data to your own reporting tools.
- Security certifications: If appropriate for your business, ask vendors about certifications such as FIPS 140-2 and Common Criteria EAL2, which may be important to safeguard data exchanged by and stored by WIPS components.
- Manageability: This is an important characteristic for any product. Factors like purchase price, maintenance fees, server and sensor installation, and routine maintenance all impact total cost of ownership (TCO). For WIPS, ask about on-going maintenance required to classify rogue devices and fine-tune policies -- these Opex costs can quickly dwarf any Capex savings.
- High availability and scalability: Enterprise-class WIPS products offer high-availability and scalability options, such high-volume event storage, regional WIPS servers under a common manager, and role-based console access. Ask vendors how sensors behave during loss of server connectivity and how long forensic data and audit reports will remain available.
Wireless IPS productsThese are just some of the many features and capabilities currently found in WIPS products. As with other network infrastructure products, multi-vendor benchmark test reports can be helpful when evaluating WIPS. However, WLAN composition and security policies and practices vary so much that in-situ pilots are often a more effective way to evaluate the relative merits and limitations of prospective products.
Lisa Phifer owns Core Competence, a consulting firm focused on business use of emerging network and security technologies. With over 25 years in the network industry, Lisa has reviewed, deployed, and tested network security products for nearly a decade.