User's Guide
Platform Health Alarms
Platform Health Alarms alert you to events that provide information about the state of the AirDefense
Services Platform and the Sensors which report back to the appliance. Platform Health Alarms are
broken down into the following three sub-types:
• License Manager - License events provide information about the features and functionality in
AirDefense that require a license to operate.
• Platform - Platform events provide operational and health information about the AirDefense
appliance.
• Sensor - Sensor events provide operational and health information about the Sensors that are
reporting back to the AirDefense appliance.
Alarm Library
To view a list of Platform Health Alarms for each alarm sub-type, go to Configuration > Operational
Management > Alarm Configuration, open Platform Health, and then open the alarm sub-type to see
all the alarms associated with the sub-type.
Policy Compliance Alarms
Policy Compliance Alarms alert you to events that provide information about the observed operational
configuration compared to the configured policy. Discovered policy discrepancies allow
configuration vulnerabilities to be corrected before they can be exploited. Sanctioned configuration
problems account for a significant percentage of security vulnerabilities in any organization. Policy
configuration problems typically result in significant security issues and should be addressed in a timely
manner. Policy Compliance Alarms are broken down into the following eight sub-types:
• 802.11 Encryption - 802.11 Wireless networks operate in a shared medium; all devices within the
range of the transmission can passively hear the sender. Encryption is implemented in wireless
networks to allow for secure transmission of data, and to prevent eavesdroppers from reading the
contents. ADSP monitors the authorized APs to ensure that the defined encryption mechanisms are
always used and the network operates in compliance with the enterprise policy.
• Advanced Key Generation - 802.1x Authentication provides a mechanism to authenticate a user
and/or computer against a network and generate the keys necessary to encrypt data; if required, the
keys can be changed dynamically. ADSP monitors the authorized APs to ensure that the defined
advanced key generation mechanisms are always used and the network operates in compliance with
the enterprise policy.
• AirDefense Personal Policy Violation - AirDefense Personal is a client product designed to monitor
the edge of the network. The edge of the network is defined by the mobile work force and their
laptops that travel throughout the world to airports, hotspots, hotels, etc. As mobile workers travel,
they have confidential and proprietary corporate data to protect and can access the corporate
network through a VPN (Virtual Private Network). User stations typically present the weakest
security link to malicious users. AirDefense Personal ensures that the enterprise policy is enforced
anywhere, anytime the client is using mobile resources, even when it is outside of the range of
ADSP monitoring Sensors.
• Authentication - ADSP monitors 802.11 authentication as defined in the company policy against
what has been observed in the air, allowing for notification of enterprise compliance policy
violations.
• Environment - Environmental events allow for monitoring of generic operational wireless network
activities. These events could have an impact on enterprise compliance, security, and performance
requirements.
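
The comparison behind the 802.11 Encryption, Advanced Key Generation, and Authentication sub-types above (observed settings on authorized APs checked against the configured policy) can be sketched as follows. This is an added example, not ADSP code or its data model; the policy values, attribute names, and observations are constructed assumptions.

```python
from dataclasses import dataclass

# Sub-type names come from the page; the attribute names are assumptions.
CHECKS = (
    ("802.11 Encryption", "encryption"),
    ("Advanced Key Generation", "key_generation"),
    ("Authentication", "authentication"),
)

@dataclass(frozen=True)
class Observation:
    bssid: str
    authorized: bool
    encryption: str       # cipher seen in the air
    key_generation: str   # key management seen in the air
    authentication: str   # 802.11 authentication algorithm seen

# Hypothetical enterprise policy: allowed values per checked attribute.
POLICY = {
    "encryption": {"CCMP"},
    "key_generation": {"802.1X"},
    "authentication": {"open-system"},
}

# Constructed sample observations (not real captures).
OBSERVATIONS = [
    Observation("02:00:00:00:00:01", True, "CCMP", "802.1X", "open-system"),
    Observation("02:00:00:00:00:02", True, "TKIP", "PSK", "open-system"),
    Observation("02:00:00:00:00:02", True, "TKIP", "PSK", "open-system"),  # second sensor
    Observation("02:00:00:00:00:03", False, "none", "none", "open-system"),
    Observation("02:00:00:00:00:04", True, "WEP", "static", "shared-key"),
]

def compliance_alarms(policy, observations):
    """Return one alarm per (AP, sub-type, observed value) that violates policy."""
    alarms, seen = [], set()
    for obs in observations:
        if not obs.authorized:
            continue  # only authorized APs are held to the policy here
        for sub_type, attr in CHECKS:
            value = getattr(obs, attr)
            key = (obs.bssid, sub_type, value)
            if value in policy[attr] or key in seen:
                continue
            seen.add(key)  # several sensors may report the same discrepancy
            alarms.append({"bssid": obs.bssid, "sub_type": sub_type,
                           "observed": value, "expected": sorted(policy[attr])})
    return alarms

if __name__ == "__main__":
    for alarm in compliance_alarms(POLICY, OBSERVATIONS):
        print(alarm)
```
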
Extreme AirDefense User Guide for version 10.5.