User's Guide

ManualsBrandsExtreme Networks ManualsComputers & AccessoriesWireless Security

1401

Table Of Contents

Table of Contents
Preface
- Conventions
  - Text Conventions
  - Terminology
- Providing Feedback
- Getting Help
- Documentation and Training
Introduction
- Scope of Documentation
Extreme AirDefense New User Experience
- Login to ADSP
  - Logout of AirDefense
- Download ADSP Toolkit
  - Download Toolkit from New User Interface
- Launch the Old User Interface
Dashboard
- View Dashboard
  - Set a Favorite Dashboard
- Create a Dashboard
- Manage Your Dashboard
- Delete the Dashboard
- Dashboard Widgets
Network View
- Network View - Network Snapshot
- Network Pane - Details View
Alarm View
- Object Missing
- Alarms - Details View
- Alarms Widget View
- Alarm Details List
Configuration
- Appliance Management
  - Appliance Settings
  - Backup / Restore Status
  - Certificate / Key Validation
    - Certificate Validation
    - Key Validation
  - Certificate Manager
  - Configuration Backup
  - Configuration Clear
  - Configuration Restore
  - Download Logs
    - Forensic and Log Backup
  - Language
  - Login / SSH Banners
  - Redundant Appliance Sync
- Structure Configuration
  - View And Manage Your Network Tree
  - Generate a Network Tree
  - Import the Network Tree
  - Floor Plans
- Auto-Placement Rules
  - View Auto-Placement Rules
  - Add an Auto-Placement Rule
  - Edit an Auto-Placement Rule
- Discovery Profile and Polling Configuration
  - Discovery Profile
  - Polling Configuration
    - Edit Polling Preferences
- Communication Profile
  - View Communication Profiles
  - Add a Communication Profile
  - Edit the Communication Profile
  - Delete Communication Profiles
- Security Profile
  - View Security Profile
  - Add a Security Profile
  - Edit a Security Profile
  - Delete a Security Profile
- Alarm Action Manager
  - View Alarm Action Manager Rule Set
  - Add Alarm Action Manager Rule Set
  - Edit Alarm Action Manager Rule Set
  - Delete Alarm Action Manager Rule Set
- Device Action Manager
  - View Device Action Manager Rule Set
  - Add a Device Action Manager Rule Set
  - Apply or Run the Device Action Manager Rule Sets
    - Apply Device Action Manager Rule Sets
    - Run Device Action Manager Rule Sets Manually
- Sensor Manager
  - Operation Tab
  - Settings Tab
- Alarm Configuration
- Wired Network Monitoring
- Performance Profile
  - View Performance Profile
  - Add Performance Profile
  - Apply Performance Profile
- Environment Monitoring
- Client Types
  - Manage Client Types
- Appliance Settings
- Device Age Out
- Configuration Backup
  - How Backups Work
  - View Backup Schedules
  - Scheduling Configuration Backup
- Forensic and Log Backup
  - Forensic Backup Configuration
  - Log Backup Configuration
- Configuration Restore
- Download Logs
  - Forensic and Log Backup
- Redundant Appliance Synchronization
  - How Synchronization Works
  - Synchronization Rules
  - _
  - Automatic Synchronization
  - Appliance Replacement Considerations
- Configuration Clear
- Language Settings
  - Change the Language
- License Management
  - Auto License Management
  - Add Licenses
  - Manage License Manually
- User Management
  - Manage User Accounts
  - User Group Management
  - User Profile Management
- Relay Server
  - Configure External Relay Server
  - Import Relay Servers
  - Internal Relay Server
- System Settings
  - Add System Log Server IP Address
System Overview
- AirDefense in Standalone Mode
- System Components
- System Requirements
- Version Compatibility for Upgrade
- Connecting to Hardware Appliance
- Configuring the Appliance
  - Add-On Modules
  - Hardware Dependencies
- System Configuration
- Selecting and Deploying APs and Sensors
- Connecting to the Network
- Assigning User Interfaces
- Basic Navigation
- Alarm Time Reporting
Extreme AirDefense on Virtual Platform
- Prerequisites
- Installing Extreme AirDefense 10.0 on VMware
- Install Extreme AirDefense on Xen Hypervisor
Menu
- Installing the Toolkit
- Open
  - Frame Capture Analysis
  - Spectrum Analysis
- Forensic Analysis-Basic
- Advanced Forensic Analysis
- Action Control
  - Action Control Table
  - Action Control Commands
- Reports
  - Web Reporting Interface
- Report Builder
- Connection Troubleshooting
- Scheduled AP Tests
  - Scheduled AP Test
    - On-demand AP Tests
    - AP Test License
- Scheduled Vulnerability Assessment
  - Scheduled Vulnerability Assessment
  - Vulnerability Assessment License
- Scheduled Events
  - Monitoring Scheduled Events
  - Altering Event Schedules
- Add Devices
- Import and Discovery
- Bluetooth Monitoring
AirDefense Dashboard
- The Dashboard
- Selecting Dashboard Scope
- Customizing Dashboard Views
  - View Customization
  - Draggable Components
- Dashboard Components
Network Tab
- Capabilities with a Central Management License
- Select-Network View
  - Show Menu
    - Viewing the Network
    - Types of Devices
  - Actions Menu
- Network Devices
- Association Tree
- Network Graph
- Network Filters
- Actions Menu
- Actions Descriptions
- Advanced Search
Alarms
- AirDefense Alarm Model
- Capabilities with a Central Management License
- Alarm Table
- Alarm Filters
- Alarm Categories and Criticality
  - Alarm Categories
  - Alarm Criticality
- Alarm Details
- Alarm Actions
Configuration Tab
- Search
- Appliance Platform
- Security & Compliance
- Network Assurance
- Infrastructure Management
- Operational Management
- Appliance Management
- Account Management
- Drop-down Menu Access
Security
- WIPS
- Planning Your Sensor Deployment
  - Deployment Considerations
- Physical and Electromagnetic Interference
  - Device Placement Considerations
- Planning Your Sensor Placement
- Sensor Monitoring
- Vulnerability Assessment
  - On-Demand Vulnerability Assessment
  - Scheduled Vulnerability Assessment
- WEP Cloaking
WLAN Management
- Infrastructure Management
- Operational Management
  - Pending State Audit
- Appliance Platform
  - Relay Server
  - Import Relay Server Information
Central Management Console
- Configuring Master/Slave Servers
  - Things to Remember
  - Sharing Certificates
- Adding a Slave Server
ADSPAdmin
- Accessing the ADSPadmin Console
- Manage System
- Manage the Database
- Software
- Configure AirDefense
Troubleshooting
- AP Testing
- Connection Troubleshooting
- Live RF
- Forensic RF
- Spectrum Analysis
- Advanced Spectrum Analysis
- Advanced Troubleshooting
- Assurance Suite (Network Assurance)
- Radio Share Network Assurance
- Customer Support
AirDefense Icons
- AirDefense Application Icons
- Wireless Client Icons
Legacy Content
- Menu
- AirDefense Dashboard
- Network Tab
- Alarms
- Configuration Tab
- Security
- WLAN Management
- Central Management Console
  - Configuring Master/Slave Servers
    - Things to Remember
    - Sharing Certificates
  - Adding a Slave Server
- ADSPAdmin
- Troubleshooting
- AirDefense Icons
  - AirDefense Application Icons
  - Wireless Client Icons
Glossary

Conﬁgure AirDefense

The ADSPadmin Conﬁg program area provides the following utilities for conﬁguring AirDefense:

• IDS—Use this item to enable or disable SSLv3 support, Fast Termination, and MAC Spoof detection

settings on the AirDefense appliance. These settings are required for AirDefense to work properly

with some legacy systems.

• IP—use this to change the IP address, subnet mask, and default gateway of the AirDefense

appliance.

• IPv6—use this to change the IPv6 address of the AirDefense appliance.

• NETPORT—use this to change network interface settings, and to toggle Auto-negotiation on and o.

• DNS—use this to add or delete a DNS name server (Domain Name Server).

• BONDING—use this to enable the High Availability Ethernet.

• HNAME—use this to change the name of the AirDefense appliance.

• DNAME—use this to change the domain to which the AirDefense appliance belongs.

• TIME—use this to conﬁgure the AirDefense appliances operating time and date.

• TZ—use this to conﬁgure the time zone in which the AirDefense appliance operates.

• NTP—use this to conﬁgure a speciﬁc network time server, instead of setting TIME and TZ.

• PING—use this to enable or disable ICMP echo request responses.

• SNMPA—use this to enable or disable reception SNMP agent requests.

• SNMPC—use this to conﬁgure SNMP agent community string.

• SNMPT—use this to enable or disable SNMP trap reception.

• HTTP—use this to enable or disable unencrypted Sensor connections.

• PANIC—use this to enable or disable reboot on a system error.

• UIPORT—use this to display the network port you are using for the GUI.

• SSlv3—use this to conﬁgure SSL version 3 support.

Conﬁgure IDS

Use the switches under IDS to enable AirDefense to work with some speciﬁc features. The following

conﬁgurations are available under IDS:

• SSLv3—Use this switch to enable/disable support for SSLv3, TLSv1.0 and TLSv1.1 protocols.

Recently these protocols were found vulnerable and we recommend that you do not use them.

However, if your deployment has access points and sensors that support these protocols, we

recommend that you enable this switch. Otherwise, you should evaluate the devices in your network

and consider disabling support for SSLv3, TLSv1.0 and TLSv1.1 protocols using this switch.

• FTMODE—Use this switch to enable/disable Fast Termination. When enabled, AirDefense internally

adjusts various operating parameters and conﬁgurations to support Fast Termination.

• SPOOF—Use this switch to enable/disable AirDefense's new MAC Spoof Detection algorithm.

This algorithm uses Forensic data and forensic queries to raise the new "MAC Spoof Detected"

alarm. If you are not interested in this new alarm, we recommend you disable this alarm using this

switch. By default, this switch is enabled.

Conﬁgure

AirDefense Legacy Content

1408 Extreme AirDefense User Guide for version 10.5.