Wireless Intrusion Prevention
One of the ugly truths vendors don't tell you is that wireless networks are inherently less secure than their wired counterparts. Despite what you do, putting network ports in the air opens holes in your network that weren't previously there - holes that must be plugged.

It's like putting Ethernet jacks on the outside of the building. What are you to do? Most people won't argue about the incredible convenience and productivity increases possible with wireless networks, but no one can afford that convenience at the expense of compromised network security.

For some time, the industry has known that link layer data encryption alone is not enough. Strong authentication makes things better but doesn't solve all problems. A single rogue AP installed by an employee can bypass the entire security of the network perimeter.

Essential to securing wireless LAN is a multi-layer approach to security that provides maximum protection against wireless threats. Even if an attacker makes it through one layer, the likelihood of getting through multiple layers is very low.

What's needed for true enterprise wireless security is a single system approach that addresses the physical RF environment, link layer data encryption, user authentication, network-layer security and user-based application security. A security solution must include not only intrusion detection and threat classification at the RF layer but also strong encryption and authentication, VPN termination and ICSA-compliant stateful firewalls at the application layer. Combined, these features turn those open doors in your parking lot into tightly locked doors with Grade 1 deadbolts.