Wireless Intrusion Prevention Software

Wireless Intrusion Prevention Software works exactly like Wireless Intrusion Detection Software, but it adds one very important feature.

Instead of simply notifying the user or an IT administrator about an intruder on the network, it goes one step further and actually blocks the intruder from accessing any of the network's resources.

There are several ways to accomplish this.

Through integration with a firewall vendor, the software could notify the wireless router to no longer allow a computer with the specified MAC address and IP to connect wirelessly to the network. This would essentially be an after-the-fact MAC filter on the firewall.

Of course, this would work well for wireless networks, but what if someone simply plugged a wired connection into the LAN? It might be more difficult to force all switches on the network to also filter out this MAC address.

There are several other methods that could be employed to keep a computer on the LAN from being able to access any network resources.

A common pitfall of intrusion prevention in general is that false positives can result in denial of service for legitimate users. That's just a technical way of saying that if someone is running hardware-level intrusion prevention, forgets about it, and later needs to replace their local domain server or similar equipment, they could have a horrible time trying to debug why the domain server isn't working correctly on their network, even though they think they've set it up correctly and their boss is asking why it's still not working.
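One way to combine the after-the-fact MAC filter with a guard against the false-positive problem just described, as an added example that is not Who Is On My Wifi code. The known-device list, the protected address, the sample scan and all function names are assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed sample data (assumptions, not values from any real network).
KNOWN_MACS = {"00:11:22:33:44:55", "66:77:88:99:aa:bb"}  # devices marked as known
PROTECTED_IPS = {"192.168.1.10"}  # e.g. the local domain server


@dataclass(frozen=True)
class Decision:
    mac: str
    ip: str
    action: str  # "allow", "block" or "review"
    reason: str


def normalize_mac(mac):
    """Canonical form, so 00-11-22-33-44-55 and 00:11:22:33:44:55 compare equal."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def decide(mac, ip, known=KNOWN_MACS, protected=PROTECTED_IPS):
    """Decide what to do with one (MAC, IP) pair seen on the network."""
    mac = normalize_mac(mac)
    if mac in known:
        return Decision(mac, ip, "allow", "known device")
    if ip in protected:
        # Could be replacement hardware for a critical server: blocking it
        # automatically is the denial-of-service pitfall, so a person decides.
        return Decision(mac, ip, "review", "unknown MAC on protected address")
    return Decision(mac, ip, "block", "unknown device")


def plan_blocks(scan):
    """Split a scan of (mac, ip) pairs into entries to block and entries to review."""
    decisions = [decide(mac, ip) for mac, ip in scan]
    blocks = [d for d in decisions if d.action == "block"]
    reviews = [d for d in decisions if d.action == "review"]
    return blocks, reviews


# Constructed scan: a known laptop, a new domain server, an unknown device.
SAMPLE_SCAN = [("00-11-22-33-44-55", "192.168.1.20"),
               ("AA:BB:CC:00:00:01", "192.168.1.10"),
               ("AA:BB:CC:00:00:02", "192.168.1.77")]

if __name__ == "__main__":
    for d in sum(plan_blocks(SAMPLE_SCAN), []):
        print(d.action, d.mac, d.ip, "-", d.reason)
```

Only the entries in the block list would be handed to the router as filter rules; the review list is what keeps a replaced domain server from being silently cut off.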

However, even with the potential dangers involved, hardware intrusion prevention capabilities will be addressed in future versions of Who Is On My Wifi.
