Bitchslapping Wireless IDS/IPS Appliances (Break It!)

Presented at ShmooCon 2006 by

Over the last few months I have had the opportunity to test several commercial wireless IDS/IPS on behalf of a client. There are several marketing key points that most products profess to offer and trumpet:

- Detection of rogue APs
- Detection of ad hoc networks
- Recognize known attacks
- Identify policy violations
- Identify physical location of user/AP
- Capture network traffic
- Threat detection (MAC address spoofing, DoS, MiTM)
- Lock out inappropriate behavior through wireless disassociation and/or through switch activity

These purported capabilities were tested in depth; methods / code / results will be described. Questions to ask WIDS / WIPS vendors, and recommendations to WIDS / WIPS manufacturers will be detailed.