Mitigating Wireless Threats with Cisco Adaptive WIPS
Controlling the wireless network can some times feel like trying to stop a river. Employees, customers and vendors have their favored mobile devices and they want to be able to use them for work and play. The momentum for this trend is strong and the promise of productivity high so it’s becoming increasingly difficult to fight this trend. As a result, companies are opening their network to guest traffic.
As you well know, this new openness isn’t without risk. The devices that people bring may not always be productive. And sometimes those devices become rogues that can impact network performance and security.
Let’s be clear that not all rogue devices have evil in mind. In fact, many employees innocently bring their own IP cameras and personal hotspots to “help expand” the capabilities of the network. At a minimum, these rogue devices can cause interference that degrades overall network performance or prohibits critical devices from connecting to the network.
The greater danger is that these rogue devices are the weak link that enables a hacker to breach network security. A hacker can tag onto a tethered personal hot spot for easy entry into the network or can sit outside the venue to gain access.
Whatever the intent of the rogue device, it’s critical that you have a solution that leverages location information to identify and mitigate these rogue devices before they compromise your network.
Omaha World-Herald, one of Warren Buffet’s Berkshire Hathaway companies, uses the location capabilities of Cisco Mobility Services Engine (MSE) to ensure rogue devices don’t derail its many offices. Using Cisco’s location and adaptive WIPS capabilities, Omaha World detects rogue devices in real time, determines their location, and mitigates the threat.
While rogue detection and mitigation is an important part of wireless security, it is only one part. A complete wireless security solution should also employ wireless intrusion prevention. While the traditional security solutions provide security within the network infrastructure of switches and routers, they provide little if any protection at the wireless edge.
By contrast, wireless intrusion prevention specifically targets the types of threats unique to wireless. The solution should work full time to detect and mitigate rogue devices through scanning, signatures and anomaly detection, traffic analysis, and device inventory. This edge-to-edge protection helps ease the security burden of infosec teams by stopping hacks at the wireless edge and minimizing the number of security incidents that make it into the network infrastructure.
Cisco has several wireless-specific security solutions including CleanAir, rogue detection and switch port tracing and aWIPS. All of these technologies are embedded in a purpose-built module that can be plugged into Cisco Aironet 3K modular access points, providing dedicated 24×7 protection for the wireless network. These solutions are part of the comprehensive security solutions available from Cisco.
Whatever their intent, rogue devices and wireless threats need to be stopped. Location capabilities and wireless-specific security solutions are important tools to keep your wireless network from going rogue.