User's Guide
Table Of Contents
- Table of Contents
- Preface
- Introduction
- Extreme AirDefense New User Experience
- Dashboard
- View Dashboard
- Create a Dashboard
- Manage Your Dashboard
- Delete the Dashboard
- Dashboard Widgets
- WIPS Widgets
- Widget - Top Criticalities
- Widget - Top Security Alarms
- Widget - Top Wireless Exploits
- Widget - Top Wireless Extrusions
- Widget - Top Vulnerabilities
- Widget - Severity by Device
- Widget - Severity by Tree Level
- Widget - Rogue Access Points
- Widget - Recent Rogue Events
- Widget - Anomalies
- Widget - Top BT Security Alarms
- Widget - BT Security Threat By Category
- Widget - BT Security Threat by Tree Level
- STATs Widgets
- COMPLIANCE Widgets
- WIPS Widgets
- Network View
- Alarm View
- Configuration
- Appliance Management
- Appliance Settings
- Backup / Restore Status
- Certificate / Key Validation
- Certificate Manager
- Configuration Backup
- Configuration Clear
- Configuration Restore
- Download Logs
- Language
- Login / SSH Banners
- Redundant Appliance Sync
- Structure Configuration
- Auto-Placement Rules
- Discovery Profile and Polling Configuration
- Communication Profile
- Security Profile
- Alarm Action Manager
- Device Action Manager
- Sensor Manager
- Alarm Configuration
- Wired Network Monitoring
- Performance Profile
- Environment Monitoring
- Client Types
- Appliance Settings
- Device Age Out
- Configuration Backup
- Forensic and Log Backup
- Configuration Restore
- Download Logs
- Redundant Appliance Synchronization
- Configuration Clear
- Language Settings
- License Management
- User Management
- Relay Server
- System Settings
- Appliance Management
- System Overview
- AirDefense in Standalone Mode
- System Components
- System Requirements
- Version Compatibility for Upgrade
- Connecting to Hardware Appliance
- Configuring the Appliance
- System Configuration
- Selecting and Deploying APs and Sensors
- Connecting to the Network
- Assigning User Interfaces
- Basic Navigation
- Alarm Time Reporting
- Extreme AirDefense on Virtual Platform
- Menu
- AirDefense Dashboard
- Network Tab
- Capabilities with a Central Management License
- Select-Network View
- Network Devices
- Association Tree
- Network Graph
- Network Filters
- Actions Menu
- Actions Descriptions
- Advanced Search
- Alarms
- Configuration Tab
- Search
- Appliance Platform
- Security & Compliance
- Network Assurance
- Infrastructure Management
- Operational Management
- Alarm Action Manager
- Alarm Configuration
- Client Types
- Device Action Manager
- Device Age Out
- Job Status
- Location Based Services
- Location Subscriber Profiles
- Pending State - Audit
- Sensor Only Settings
- Sensor Operation
- Appliance Management
- Appliance Settings
- Backup / Restore Status
- Certificate / Key Validation
- Certificate Manager
- Configuration Backup
- Configuration Clear
- Configuration Restore
- Download Logs
- Language
- Login / SSH Banners
- Redundant Appliance Sync
- Account Management
- Drop-down Menu Access
- DevicesDrop-down Menu
- Device Functions Requiring More Explanation
- Network Level Drop-down Menus
- Global Tools
- Floor Plan Actions
- Floor Manipulation Tools
- Unplaced Devices Level Drop-down Menu
- Security
- WLAN Management
- Central Management Console
- ADSPAdmin
- Accessing the ADSPadmin Console
- Manage System
- Manage the Database
- Software
- Configure AirDefense
- Configure IDS
- IP Address Configuration
- IPv6
- NETPORT
- DNS Configuration
- Bonding Configuration
- hname Configuration
- dname Configuration
- Time Configuration
- Time Zone Configuration
- NTP Configuration
- PING Config
- SNMP Agent Configuration
- SNMP Community String Configuration
- SNMP Trap Configuration
- HTTP Configuration
- PANIC Configuration
- UIPORT Configuration
- Troubleshooting
- AirDefense Icons
- Legacy Content
- Menu
- AirDefense Dashboard
- Network Tab
- Capabilities with a Central Management License
- Select-Network View
- Network Devices
- Association Tree
- Network Graph
- Network Filters
- Actions Menu
- Actions Descriptions
- Advanced Search
- Alarms
- Configuration Tab
- Search
- Appliance Platform
- Security & Compliance
- Network Assurance
- Infrastructure Management
- Operational Management
- Alarm Action Manager
- Alarm Configuration
- Client Types
- Device Action Manager
- Device Age Out
- Job Status
- Location Based Services
- Location Subscriber Profiles
- Pending State - Audit
- Sensor Only Settings
- Sensor Operation
- Appliance Management
- Appliance Settings
- Backup / Restore Status
- Certificate / Key Validation
- Certificate Manager
- Configuration Backup
- Configuration Clear
- Configuration Restore
- Download Logs
- Language
- Login / SSH Banners
- Redundant Appliance Sync
- Account Management
- Drop-down Menu Access
- DevicesDrop-down Menu
- Device Functions Requiring More Explanation
- Network Level Drop-down Menus
- Global Tools
- Floor Plan Actions
- Floor Manipulation Tools
- Unplaced Devices Level Drop-down Menu
- Security
- WLAN Management
- Central Management Console
- ADSPAdmin
- Accessing the ADSPadmin Console
- Manage System
- Manage the Database
- Software
- Configure AirDefense
- Configure IDS
- IP Address Configuration
- IPv6
- NETPORT
- DNS Configuration
- Bonding Configuration
- hname Configuration
- dname Configuration
- Time Configuration
- Time Zone Configuration
- NTP Configuration
- PING Config
- SNMP Agent Configuration
- SNMP Community String Configuration
- SNMP Trap Configuration
- HTTP Configuration
- PANIC Configuration
- UIPORT Configuration
- Troubleshooting
- AirDefense Icons
- Glossary
Configure AirDefense
The ADSPadmin Config program area provides the following utilities for configuring AirDefense:
• IDS—Use this item to enable or disable SSLv3 support, Fast Termination, and MAC Spoof detection
settings on the AirDefense appliance. These settings are required for AirDefense to work properly
with some legacy systems.
• IP—use this to change the IP address, subnet mask, and default gateway of the AirDefense
appliance.
• IPv6—use this to change the IPv6 address of the AirDefense appliance.
• NETPORT—use this to change network interface settings, and to toggle Auto-negotiation on and o.
• DNS—use this to add or delete a DNS name server (Domain Name Server).
• BONDING—use this to enable the High Availability Ethernet.
• HNAME—use this to change the name of the AirDefense appliance.
• DNAME—use this to change the domain to which the AirDefense appliance belongs.
• TIME—use this to configure the AirDefense appliances operating time and date.
• TZ—use this to configure the time zone in which the AirDefense appliance operates.
• NTP—use this to configure a specific network time server, instead of setting TIME and TZ.
• PING—use this to enable or disable ICMP echo request responses.
• SNMPA—use this to enable or disable reception SNMP agent requests.
• SNMPC—use this to configure SNMP agent community string.
• SNMPT—use this to enable or disable SNMP trap reception.
• HTTP—use this to enable or disable unencrypted Sensor connections.
• PANIC—use this to enable or disable reboot on a system error.
• UIPORT—use this to display the network port you are using for the GUI.
• SSlv3—use this to configure SSL version 3 support.
Configure IDS
Use the switches under IDS to enable AirDefense to work with some specific features. The following
configurations are available under IDS:
• SSLv3—Use this switch to enable/disable support for SSLv3, TLSv1.0 and TLSv1.1 protocols.
Recently these protocols were found vulnerable and we recommend that you do not use them.
However, if your deployment has access points and sensors that support these protocols, we
recommend that you enable this switch. Otherwise, you should evaluate the devices in your network
and consider disabling support for SSLv3, TLSv1.0 and TLSv1.1 protocols using this switch.
• FTMODE—Use this switch to enable/disable Fast Termination. When enabled, AirDefense internally
adjusts various operating parameters and configurations to support Fast Termination.
• SPOOF—Use this switch to enable/disable AirDefense's new MAC Spoof Detection algorithm.
This algorithm uses Forensic data and forensic queries to raise the new "MAC Spoof Detected"
alarm. If you are not interested in this new alarm, we recommend you disable this alarm using this
switch. By default, this switch is enabled.
Configure
AirDefense Legacy Content
1408 Extreme AirDefense User Guide for version 10.5.