User's Guide
Table Of Contents
- Table of Contents
- Preface
- Introduction
- Extreme AirDefense New User Experience
- Dashboard
- View Dashboard
- Create a Dashboard
- Manage Your Dashboard
- Delete the Dashboard
- Dashboard Widgets
- WIPS Widgets
- Widget - Top Criticalities
- Widget - Top Security Alarms
- Widget - Top Wireless Exploits
- Widget - Top Wireless Extrusions
- Widget - Top Vulnerabilities
- Widget - Severity by Device
- Widget - Severity by Tree Level
- Widget - Rogue Access Points
- Widget - Recent Rogue Events
- Widget - Anomalies
- Widget - Top BT Security Alarms
- Widget - BT Security Threat By Category
- Widget - BT Security Threat by Tree Level
- STATs Widgets
- COMPLIANCE Widgets
- WIPS Widgets
- Network View
- Alarm View
- Configuration
- Appliance Management
- Appliance Settings
- Backup / Restore Status
- Certificate / Key Validation
- Certificate Manager
- Configuration Backup
- Configuration Clear
- Configuration Restore
- Download Logs
- Language
- Login / SSH Banners
- Redundant Appliance Sync
- Structure Configuration
- Auto-Placement Rules
- Discovery Profile and Polling Configuration
- Communication Profile
- Security Profile
- Alarm Action Manager
- Device Action Manager
- Sensor Manager
- Alarm Configuration
- Wired Network Monitoring
- Performance Profile
- Environment Monitoring
- Client Types
- Appliance Settings
- Device Age Out
- Configuration Backup
- Forensic and Log Backup
- Configuration Restore
- Download Logs
- Redundant Appliance Synchronization
- Configuration Clear
- Language Settings
- License Management
- User Management
- Relay Server
- System Settings
- Appliance Management
- System Overview
- AirDefense in Standalone Mode
- System Components
- System Requirements
- Version Compatibility for Upgrade
- Connecting to Hardware Appliance
- Configuring the Appliance
- System Configuration
- Selecting and Deploying APs and Sensors
- Connecting to the Network
- Assigning User Interfaces
- Basic Navigation
- Alarm Time Reporting
- Extreme AirDefense on Virtual Platform
- Menu
- AirDefense Dashboard
- Network Tab
- Capabilities with a Central Management License
- Select-Network View
- Network Devices
- Association Tree
- Network Graph
- Network Filters
- Actions Menu
- Actions Descriptions
- Advanced Search
- Alarms
- Configuration Tab
- Search
- Appliance Platform
- Security & Compliance
- Network Assurance
- Infrastructure Management
- Operational Management
- Alarm Action Manager
- Alarm Configuration
- Client Types
- Device Action Manager
- Device Age Out
- Job Status
- Location Based Services
- Location Subscriber Profiles
- Pending State - Audit
- Sensor Only Settings
- Sensor Operation
- Appliance Management
- Appliance Settings
- Backup / Restore Status
- Certificate / Key Validation
- Certificate Manager
- Configuration Backup
- Configuration Clear
- Configuration Restore
- Download Logs
- Language
- Login / SSH Banners
- Redundant Appliance Sync
- Account Management
- Drop-down Menu Access
- DevicesDrop-down Menu
- Device Functions Requiring More Explanation
- Network Level Drop-down Menus
- Global Tools
- Floor Plan Actions
- Floor Manipulation Tools
- Unplaced Devices Level Drop-down Menu
- Security
- WLAN Management
- Central Management Console
- ADSPAdmin
- Accessing the ADSPadmin Console
- Manage System
- Manage the Database
- Software
- Configure AirDefense
- Configure IDS
- IP Address Configuration
- IPv6
- NETPORT
- DNS Configuration
- Bonding Configuration
- hname Configuration
- dname Configuration
- Time Configuration
- Time Zone Configuration
- NTP Configuration
- PING Config
- SNMP Agent Configuration
- SNMP Community String Configuration
- SNMP Trap Configuration
- HTTP Configuration
- PANIC Configuration
- UIPORT Configuration
- Troubleshooting
- AirDefense Icons
- Legacy Content
- Menu
- AirDefense Dashboard
- Network Tab
- Capabilities with a Central Management License
- Select-Network View
- Network Devices
- Association Tree
- Network Graph
- Network Filters
- Actions Menu
- Actions Descriptions
- Advanced Search
- Alarms
- Configuration Tab
- Search
- Appliance Platform
- Security & Compliance
- Network Assurance
- Infrastructure Management
- Operational Management
- Alarm Action Manager
- Alarm Configuration
- Client Types
- Device Action Manager
- Device Age Out
- Job Status
- Location Based Services
- Location Subscriber Profiles
- Pending State - Audit
- Sensor Only Settings
- Sensor Operation
- Appliance Management
- Appliance Settings
- Backup / Restore Status
- Certificate / Key Validation
- Certificate Manager
- Configuration Backup
- Configuration Clear
- Configuration Restore
- Download Logs
- Language
- Login / SSH Banners
- Redundant Appliance Sync
- Account Management
- Drop-down Menu Access
- DevicesDrop-down Menu
- Device Functions Requiring More Explanation
- Network Level Drop-down Menus
- Global Tools
- Floor Plan Actions
- Floor Manipulation Tools
- Unplaced Devices Level Drop-down Menu
- Security
- WLAN Management
- Central Management Console
- ADSPAdmin
- Accessing the ADSPadmin Console
- Manage System
- Manage the Database
- Software
- Configure AirDefense
- Configure IDS
- IP Address Configuration
- IPv6
- NETPORT
- DNS Configuration
- Bonding Configuration
- hname Configuration
- dname Configuration
- Time Configuration
- Time Zone Configuration
- NTP Configuration
- PING Config
- SNMP Agent Configuration
- SNMP Community String Configuration
- SNMP Trap Configuration
- HTTP Configuration
- PANIC Configuration
- UIPORT Configuration
- Troubleshooting
- AirDefense Icons
- Glossary
• Security - Security events are based on wireless network security SNMP traps received from
infrastructure devices. The alarms in this category indicate that a security-related event has occurred
as detected by an infrastructure device. Wireless controllers and APs that have been dedicated as
'detectors' periodically scan the wireless network for neighboring APs, possible rogue devices,
wireless intrusions and active wireless attacks.
• Statistics - Statistics events are based on wireless network and service statistic SNMP traps received
from infrastructure devices. Infrastructure devices measure network service performance (Hotspot
status) and statistical thresholds as set in a device configuration. Statistical events are triggered
when a specific statistical threshold has been exceeded. Examples of statistical thresholds include
packets per second, throughput, average retries, and packets dropped. Setting statistical thresholds
are useful for measuring network performance on a per infrastructure device basis.
Alarm Library
To view a list of Infrastructure Alarms for each alarm sub-type, go to Configuration > Operational
Management > Alarm Configuration, open Infrastructure, and then open the alarm sub-type to see all
the alarms associated with the sub-type.
LBS Alarms
Location Based Services (LBS) alarms alert you to visitors with Wireless Clients entering or leaving your
location. LBS Alarms are broken down into the following two types:
• PresenceA Wireless Client has been detected in the environment or has left the environment.
• Region PresenceA Wireless Client has met one of the following conditions:
• Entered a predefined virtual region.
• Exited a predefined virtual region.
• Has been detected in a predefined virtual region for a specified amount of time.
• Has been detected within a specified distance of a predefined virtual region.
Alarm Library
To view a list of LBS Alarms for each alarm sub-type, go to Configuration > Operational Management >
Alarm Configuration, select LBS, and then select the alarm sub-type to see all the alarms associated
with the sub-type.
Performance Alarms
Performance Alarms alert you to events that provide critical information about the service levels of the
wireless network. In a wireless environment, Performance events can be an indication of problems
related to configuration, compatibility, congestion, coverage, potential interference sources, and
utilization levels. Because 802.11 operates in a shared and unlicensed frequency spectrum, it is possible
that performance issues may be the result of non 802.11 devices such as microwaves and cordless
phones, or could be a result of a conflict with other 802.11 devices, including both valid devices as well
as neighboring devices transmitting into the monitored airspace.
Performance Alarms are broken down into the following eight sub-types:
• AP Testing - AP Testing Events track network failures and provide proactive notification that the
network resources may be unavailable. The alarms in this category indicate a failure of one of the
test conditions. Any alarm should be considered a high priority event as it may be preventing the
wireless applications from operating properly.
Legacy Content
Operational Management
Extreme AirDefense User Guide for version 10.5. 1159