Base on datasheet, we need AP, WLC, Prime and MSE to depoy wIPS.
My question is, if we can deploy wIPS without using MSE? If can, what is the wIPS feature that not support this kind of deployment?
The WLC supports 17 standard signatures out of the box. if you need to the advanced signatures, this is where the MSE comes into play.
There are tons of advantages with using the MSE solution, however its not cheap. and Cisco is moving away from this, so if don't need the features of the wIPS I would wait to see what Cisco releases in the near future.
Hellow Anwar, the WLC uses IDS signatures that are used to identify various types of attacks in incoming 802.11 packets. When the signatures are enabled, the APs that are joined to the Cisco WLC perform signature analysis on the received 802.11 data or management frames and report discrepancies to the Cisco WLC.
CONTROLLER-BASED IDS FLOW
The WLC supports 17 standard signatures on Cisco WLC. These signatures are divided into six main groups; the first four groups contain management signatures, and the last two groups contain data signatures:
To configure IDS on the WLC, follow the steps in the link below: