Looking at wireless intrusion prevention and detection systems? Burton Group notes the following features and functions you may wish to consider when making a product selection. (Also see companion article on wireless IDP evaluation and implementation dos and don'ts.)
- Integration with wired-side switch port shut down. Enables automated containment on the wired side.
- Air-side containment and blocking. Enables temporary disablement of rogues and "evil twins."
- Integration with RF topology maps. Increases efficiency of location pinpointing.
- Location-aware monitoring. Provides policy enforcement based on position of devices.
- Remote management of sensors. Particularly good for highly distributed organizations.
- Small and midsize business offering. Good for distributed companies with small sites.
- "No fly" mode or template. Useful for companies that forbid wireless in certain areas of the enterprise.
- Role-based access to management user interface. Shares information with multiple stakeholders.
- Integration with the help desk. Enables troubleshooting of wireless network connections.
- Integration with network monitoring. Enables network management from an integrated console.
- Escalated or hierarchical alerting. Provides a more efficient response.
- Support for power over ethernet. Eliminates need for additional power outlets.
- Bandwidth management. Eases burden on low-bandwidth WAN links.
- Auto-classification. Reduces false positives and eases administration.
- DoS protection. Helps maintain network availability.
- Scalability/high availability. Necessary for large, highly distributed networks.
- Preventive automation. Enables automatic break or containment of unauthorized associations.
- Integration with mobile tools. Enables reuse of site survey information gathered from mobile tool as part of the console WIPS intelligence.
- Large-area sensors. Reduces number of sensors.