Re: Wireless Intrustrion Prevention System (WIPS)

jaimejunquera · ‎02-10-2020

Hi Community,

I'm making a final project of my career, I'm looking about the deployment of this system into the differents brands, I looked on Cisco web page, but there are an old documentation with old products, Someone know if the system nowdays use the same hardware, I mean a Access Point, ireless LAN Controller (WLC) and MSE, I read that you can use apart some sensors that provides you the information about the attacks and let the access point just for the fuction of provide signal. So the question is, are there some information about WIPS deployment with the actual hardware?

The link of the old information is here: https://www.cisco.com/c/en/us/td/docs/wireless/technology/wips/deployment/guide/WiPS_deployment_guide.html

jaimejunquera · ‎02-27-2020

Can anyone help me, please?

fdharmawan · ‎02-27-2020

Hi Jaime,

Can you elaborate more on your question?

I have WIPS in my deployment. Both WLC and the MSE are using UCS. And the WIPS is dedicated AP on monitor mode with WIPS sub mode.

jaimejunquera · ‎03-07-2020

Hi,

Sorry for not reply you before, I'm doing an investigation of WISP deployments and I need to fo one inside of a building that doing a predictive study, I got a final result to put like 19 Access points inside the building and make now a study about which APs, router and all that I need to make a completely and secure wireless deployment, including a WIPS system, so I try to get information for CISCO but I looked that the info is so old, So I need which kind of hardware I need to make a deployment using actual products of CISCO and then what I need to do a correct Wireless system? Is important for my final project of my career any help can be so helpful for me.

Thanks

fdharmawan · ‎03-11-2020

Please note that WIPS can only contain 6 rogue AP in monitor mode and 3 rogue AP in dual mode. I just found out this fact recently. So if you want to contain 100 rogue APs with 2 WIPS, that will not happen.

There is no 100% secure wireless deployment. You might want to revisit your objectives.

jaimejunquera · ‎03-11-2020

I said that I need to put almost 19 APs, but the question is that I have this amount of APs I can't use a WISP?

fdharmawan · ‎03-11-2020

Why can't you use WIPS?

May we know those 19 APs will cover how much area? Because you should calculate the channel overlap, especially on 2.4GHz band.

JPavonM · ‎02-28-2020

Hi Jaime,

You are right. Cisco MSE for WIPS is current solution for Wireless Intrussion Prevention so far today.

However, Cisco is going to start implementation of new up-to-date WIPS solution within IOS-XE as part of the 17.x trend of the Catalyst 9800 code. This WIPS solution won't be as elaborated as the MSE-based solution from the very beginning and will be evolving during the whole trend. The new WIPS service will be managed inside Cisco DNA Center.

Unfortunately, there isn't any public documentation for the incoming WIPS solution so far today.

HTH
-Jesus

*** Rate All Helpful Responses ***

jaimejunquera · ‎03-07-2020

hi Jesús.

Thanks for the information is so interesting to know it, this part of the controller and all, yes I supposed that it will be like this because another business like aruba did like this all with a kind of softaware and having an external management.

But for example I don't know how it will be the use of the AP, because in the old one the use like an external sensor to complement de APs, I want to know which actual hardware can I use to do a WISP deployment and all, do you know some actual hardware with cisco product I can use to explain more or less a deployment inside of my study?

Thanks

JPavonM · ‎03-09-2020

Try to work with legacy WIPS and controllers.

This link is for WIPS ordering guide and licenses:

https://www.cisco.com/c/en/us/products/collateral/wireless/mobility-services-engine/data_sheet_c07-473865.html

This link is for deployment guide:

https://www.cisco.com/c/en/us/td/docs/wireless/technology/wips/deployment/guide/WiPS_deployment_guide.html

HTH
-Jesus

*** Rate All Helpful Responses ***

jaimejunquera · ‎03-09-2020

Thanks again Jesus,

But the links that you gave to me is one of the reason that I wrote because all the info is old and the products are not for selling anymore so I need actual hardware.

What are you meaning with legacy controller and all, can you put me an example?

patoberli · ‎03-10-2020

You would best directly contact a Cisco sales representative. This is currently being completely overhauled and not much is known yet about the new system.

jaimejunquera · ‎03-11-2020

I tried to ask by chat and nothing, then I called, I'm from Spain and they redirect me for an official partner in London and he said that to know this information, I have to put a post here. I hope that an official engineer of CISCO can help me, but I thought that it will be impossible

patoberli · ‎03-11-2020

Oh, that is not really a good answer by the chat...

I checked google and found for example:

https://www.solutel.com/soluciones/wifi/

https://atos.net/en/about-us/partners-and-alliances/cisco

https://www.es.logicalis.com/partners/cisco/

Sadly the Partner Locator seems to be broken at the moment:

https://locatr.cloudapps.cisco.com/WWChannels/LOCATR/openBasicSearch.do?preferredLanguage=es&preferredCountry=ES