If you want to simply protect against APs that are broadcasting the same WLAN you need the "Protect SSID" parameter. According to the ArubaOS 6.1 user guide, chapter 30. IDS/IPS is a very complicated topic, so I suggest you look at chapter 30 to get things explained in detail:
"Protect SSID enforces that valid/protected SSIDs are used only by valid APs. An offending AP is contained by preventing clients from associating to it."
Impersonation and Spoofing features only relate to other access points that are broadcasting the same WLAN name and have the same BSSID or mac address as one of your own.