What is WIPS (wireless intrusion prevention system)? - Definition from WhatIs.com


WIPS (wireless intrusion prevention system)

Part of the Network security glossary:

A wireless intrusion prevention system (WIPS) is a dedicated security device or integrated software application that monitors a wireless LAN network's radio spectrum for rogue access points and other wireless threats.

A WIPS compares the MAC addresses of all wireless access points on a network against the known signatures of pre-authorized, known wireless access points and alerts an administrator when a discrepancy is found. To circumvent MAC address spoofing, some higher-end WIPS are able to analyze the unique radio frequency signatures that wireless devices generate and block unknown radio fingerprints.

The PCI Security Standards Council recommends the use of WIPS to automate wireless network scanning. In addition to providing a layer of security for wireless LANS, WIPS are also useful for monitoring network performance and discovering access points with configuration errors.

There are three basic ways to deploy a WIPS. The first, primarily found at the lower-end of the market, is known as time slicing or time sharing. In this type of deployment, the wireless access point does double duty, providing network traffic with wireless connectivity while periodically scanning for rogue access points.

In the second approach, which is known as integrated WIPS, a sensor that is built into the authorized access point continually scans radio frequencies, looking for unauthorized access points.

In the third approach, which is known as WIPS overlay, sensors are deployed throughout a building to monitor radio frequencies. The sensors forward the data they collect to a centralized server for further analysis, action and log archiving. This approach is more expensive because it requires dedicated hardware, but it is also thought to be most effective.

WIPS overlay hardware resembles a rack server and the associated sensors resemble Wi-Fi access points. Most WIPS overlay systems share the same fundamental components:

Sensors -- monitor the radio spectrum and forward logs back to a central management server.

Management server -- receives information captured by the sensors and take appropriate defense actions based on this information.

Database server –- stores and organizes the information captured by the sensors.

Console -- provides an interface for administrators to set up and manage the WIPS.

While WIPS overlays provide many valuable features and protections, especially to large enterprises who capture customer data, they can be quite costly. With hardware, applications, subscriptions and training all factored in, an enterprise with 250 access points might spend as much as $100,000 on WIPS.



This was last updated in March 2015
Contributor(s): Matthew Haughn
Posted by: Margaret Rouse

Related Terms


  • going dark

    - The going dark problem, as described by the FBI, is the Bureau’s inability to access legally intercepted communications and information because of the encryption technologies used for data privacy ... (WhatIs.com)

  • threat actor

    - A threat actor is an entity that is partially or wholly responsible for an incident that impacts – or has the potential to impact -- the security of an organization. (WhatIs.com)

  • threat intelligence service (TI service)

    - A threat intelligence service (TI service) is a provider of information about current or emerging threats that could negatively impact the security of a customer’s organization. (WhatIs.com)


  • Network security

    - Terms related to network security, including definitions about intrusion prevention and words and phrases about VPNs and firewalls.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question About WIPS (wireless intrusion prevention system)Powered by ITKnowledgeExchange.com

Get answers from your peers on your most technical challenges

Tech TalkComment



    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.