User's Guide
Table Of Contents
- Table of Contents
- Preface
- Introduction
- Extreme AirDefense New User Experience
- Dashboard
- View Dashboard
- Create a Dashboard
- Manage Your Dashboard
- Delete the Dashboard
- Dashboard Widgets
- WIPS Widgets
- Widget - Top Criticalities
- Widget - Top Security Alarms
- Widget - Top Wireless Exploits
- Widget - Top Wireless Extrusions
- Widget - Top Vulnerabilities
- Widget - Severity by Device
- Widget - Severity by Tree Level
- Widget - Rogue Access Points
- Widget - Recent Rogue Events
- Widget - Anomalies
- Widget - Top BT Security Alarms
- Widget - BT Security Threat By Category
- Widget - BT Security Threat by Tree Level
- STATs Widgets
- COMPLIANCE Widgets
- WIPS Widgets
- Network View
- Alarm View
- Configuration
- Appliance Management
- Appliance Settings
- Backup / Restore Status
- Certificate / Key Validation
- Certificate Manager
- Configuration Backup
- Configuration Clear
- Configuration Restore
- Download Logs
- Language
- Login / SSH Banners
- Redundant Appliance Sync
- Structure Configuration
- Auto-Placement Rules
- Discovery Profile and Polling Configuration
- Communication Profile
- Security Profile
- Alarm Action Manager
- Device Action Manager
- Sensor Manager
- Alarm Configuration
- Wired Network Monitoring
- Performance Profile
- Environment Monitoring
- Client Types
- Appliance Settings
- Device Age Out
- Configuration Backup
- Forensic and Log Backup
- Configuration Restore
- Download Logs
- Redundant Appliance Synchronization
- Configuration Clear
- Language Settings
- License Management
- User Management
- Relay Server
- System Settings
- Appliance Management
- System Overview
- AirDefense in Standalone Mode
- System Components
- System Requirements
- Version Compatibility for Upgrade
- Connecting to Hardware Appliance
- Configuring the Appliance
- System Configuration
- Selecting and Deploying APs and Sensors
- Connecting to the Network
- Assigning User Interfaces
- Basic Navigation
- Alarm Time Reporting
- Extreme AirDefense on Virtual Platform
- Menu
- AirDefense Dashboard
- Network Tab
- Capabilities with a Central Management License
- Select-Network View
- Network Devices
- Association Tree
- Network Graph
- Network Filters
- Actions Menu
- Actions Descriptions
- Advanced Search
- Alarms
- Configuration Tab
- Search
- Appliance Platform
- Security & Compliance
- Network Assurance
- Infrastructure Management
- Operational Management
- Alarm Action Manager
- Alarm Configuration
- Client Types
- Device Action Manager
- Device Age Out
- Job Status
- Location Based Services
- Location Subscriber Profiles
- Pending State - Audit
- Sensor Only Settings
- Sensor Operation
- Appliance Management
- Appliance Settings
- Backup / Restore Status
- Certificate / Key Validation
- Certificate Manager
- Configuration Backup
- Configuration Clear
- Configuration Restore
- Download Logs
- Language
- Login / SSH Banners
- Redundant Appliance Sync
- Account Management
- Drop-down Menu Access
- DevicesDrop-down Menu
- Device Functions Requiring More Explanation
- Network Level Drop-down Menus
- Global Tools
- Floor Plan Actions
- Floor Manipulation Tools
- Unplaced Devices Level Drop-down Menu
- Security
- WLAN Management
- Central Management Console
- ADSPAdmin
- Accessing the ADSPadmin Console
- Manage System
- Manage the Database
- Software
- Configure AirDefense
- Configure IDS
- IP Address Configuration
- IPv6
- NETPORT
- DNS Configuration
- Bonding Configuration
- hname Configuration
- dname Configuration
- Time Configuration
- Time Zone Configuration
- NTP Configuration
- PING Config
- SNMP Agent Configuration
- SNMP Community String Configuration
- SNMP Trap Configuration
- HTTP Configuration
- PANIC Configuration
- UIPORT Configuration
- Troubleshooting
- AirDefense Icons
- Legacy Content
- Menu
- AirDefense Dashboard
- Network Tab
- Capabilities with a Central Management License
- Select-Network View
- Network Devices
- Association Tree
- Network Graph
- Network Filters
- Actions Menu
- Actions Descriptions
- Advanced Search
- Alarms
- Configuration Tab
- Search
- Appliance Platform
- Security & Compliance
- Network Assurance
- Infrastructure Management
- Operational Management
- Alarm Action Manager
- Alarm Configuration
- Client Types
- Device Action Manager
- Device Age Out
- Job Status
- Location Based Services
- Location Subscriber Profiles
- Pending State - Audit
- Sensor Only Settings
- Sensor Operation
- Appliance Management
- Appliance Settings
- Backup / Restore Status
- Certificate / Key Validation
- Certificate Manager
- Configuration Backup
- Configuration Clear
- Configuration Restore
- Download Logs
- Language
- Login / SSH Banners
- Redundant Appliance Sync
- Account Management
- Drop-down Menu Access
- DevicesDrop-down Menu
- Device Functions Requiring More Explanation
- Network Level Drop-down Menus
- Global Tools
- Floor Plan Actions
- Floor Manipulation Tools
- Unplaced Devices Level Drop-down Menu
- Security
- WLAN Management
- Central Management Console
- ADSPAdmin
- Accessing the ADSPadmin Console
- Manage System
- Manage the Database
- Software
- Configure AirDefense
- Configure IDS
- IP Address Configuration
- IPv6
- NETPORT
- DNS Configuration
- Bonding Configuration
- hname Configuration
- dname Configuration
- Time Configuration
- Time Zone Configuration
- NTP Configuration
- PING Config
- SNMP Agent Configuration
- SNMP Community String Configuration
- SNMP Trap Configuration
- HTTP Configuration
- PANIC Configuration
- UIPORT Configuration
- Troubleshooting
- AirDefense Icons
- Glossary
9. Move the target device to the anticipated fringe where a neighboring sensor would become primary.
10. At the fringe of coverage, signal strength should be no less than -70 dBm to assure termination
ability.
11. Move AirDefense Mobile to the anticipated location of the next sensor and use the same procedure
to ensure that its anticipated coverage area is valid.
If the above sensor placement proves adequate from a coverage and cost of placement perspective,
factors observed during this analysis may be extrapolated to other locations of similar construction.
Sensor Placement with WEP Cloaking
WEP Cloaking will typically require a higher density of sensor deployment than most other applications.
This puts WEP cloaking in the highest category sensor density deployments similar to Location
Tracking.
Considerations for Sensor Placement with WEP Cloaking
For eective WEP Cloaking, there are two important considerations:
• Spatial coverage - The sensors enabled with WEP Cloaking must at a minimum cover the same area
as the s and wireless clients they are protecting.
For this requirement, you should leverage any site surveys you conduct or have conducted for
placement of s as aids to sensor placement decisions. Another option is using a WLAN simulation
tools such as LAN Planner.
For example, in a typical retail location most wireless point-of-sale devices will be in the front of the
store near the check-out stations. Assuming the hacker would be outside of the building, sitting in
the front parking lot, it would make sense to place at least 2 sensors in each of the corners in the
front of the store. If there is public access from the back of the building or the retail location is
surrounded by parking areas, you may want to consider additional sensors in the back for complete
protection.
• Channel coverage - A single sensor should not be required to cloak more than 3 s at a time.
For eective cloaking there must be sucient cha WEP frames to confuse the statistical WEP
cracking tools. At the same time, the sensors must perform regular Wireless IPS scanning on other
channels. The sensors are designed to intelligently adjust their frequency scanning patterns.
However, to maximize cloaking eectiveness and scan all other channels for possible intrusions,
sensors should not be expected to cloak more than three APs, or more specifically three unique
communication channels at a time.
For Adequate Protection
Typically it will take several sensors deployed at the perimeter of the building to adequately protect all
wireless devices with WEP Cloaking. This also implies that, even in small stores, it may take more than
one sensor for adequate WEP Cloaking protection; the higher the density of sensors you deploy, the
better your legacy encryption devices will be protected. Any deployment should start with a site survey
or RF simulation of the WLAN environment, followed by a mapping of sensor coverage to access point
coverage of unique channels.
Sensor Placement with Location Tracking
Sensor density and sensor placement are the most important factors regarding overall positioning
resolution. Due to the nature of high frequency signals (2.4 GHz and 5 GHz) and limited signal strength
Legacy Content
Planning Your Sensor Placement
Extreme AirDefense User Guide for version 10.5. 1383