The Converging Network: Should IPS kick wireless users off the network?

September 26, 2007

Should IPS kick wireless users off the network?

Downed_tower Jamey Heary of the Network World Cisco Subnet blog discusses the benefits of the Cisco IPS' ability to request wireless access points disconnect offenders when malicious traffic is detected. Is this something many people use? Or is this a "feature" masking the need for better IPS capabilities needed in WAPs compared to the Layer 2 IPS built into most wireless access points? Seems like a poor substitute for designing an IPS implementation that addresses coverage of wireless traffic.

Unless it's very finely tuned, this is likely to generate lots of calls to the help desk line. Kicking users off the network completely, wireless or not, when an IPS finds some offending traffic is likely to create more cry wolf events than thwarting real attacks. Blocking packets and stateful sessions is much more the norm. Seems like one of those features you'd try out and then very quickly turn off after a few false alarms.

Blocking offending packets or quarantining users with limited access is likely the better solution. But maybe I'm wrong and am missing something here. I would be very interested to hear if any Cisco IPS and WAP customers use this feature and what their experiences have been.

Please email me with your experiences if you would. Thanks.

Posted in Wireless | Permalink

Technorati Tags: Cisco IPS, Jamey Heary, Network World, wireless IPS

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d83451e54d69e200e5501a39b48833

Listed below are links to weblogs that reference Should IPS kick wireless users off the network?:

» Tramadol. from Tramadol.
Tramadol hydrochloride. Tramadol for dogs. Hydrochloride tramadol. [Read More]

Comments

Verify your Comment

Previewing your Comment

Posted by: |

This is only a preview. Your comment has not yet been posted.

Your comment could not be posted. Error type:

Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Post a comment

What I Do

create and grow businesses
    social media and blogger
    product creator and developer
    business development
convergence
    software and networking,
    microsoft, mobility,
    collaboration, cloud services,
    virtualization, security,
    open source
music
    guitarist, performer, writer
video
    production, editing
Contact me about the consulting services offered by Converging Network LLC.
Learn more about social media and how its leveling the playing field in business and thought leadership.