In computing, a wireless intrusion prevention system (WIPS) is a network device that monitors the radio spectrum for the presence of unauthorized access points (intrusion detection), and can automatically take countermeasures (intrusion prevention).
In addition to intrusion detection, a WIPS also includes features that prevent against the threat automatically. For automatic prevention, it is required that the WIPS is able to accurately detect and automatically classify a threat.
The following types of threats can be prevented by a good WIPS:
- Rogue access points – WIPS should understand the difference between rogue APs and external (neighbor’s) APs
- Mis-configured AP
- Client mis-association
- Unauthorized association
- Man-in-the-middle attack
- Ad hoc networks
- MAC spoofing
- Honeypot / evil twin attack
- Denial-of-service attack