User's Guide

ManualsBrandsExtreme Networks ManualsComputers & AccessoriesWireless Security

201

202

203

204

205

206

207

208

209

210

Table Of Contents

Table of Contents
Preface
- Conventions
  - Text Conventions
  - Terminology
- Providing Feedback
- Getting Help
- Documentation and Training
Introduction
- Scope of Documentation
Extreme AirDefense New User Experience
- Login to ADSP
  - Logout of AirDefense
- Download ADSP Toolkit
  - Download Toolkit from New User Interface
- Launch the Old User Interface
Dashboard
- View Dashboard
  - Set a Favorite Dashboard
- Create a Dashboard
- Manage Your Dashboard
- Delete the Dashboard
- Dashboard Widgets
Network View
- Network View - Network Snapshot
- Network Pane - Details View
Alarm View
- Object Missing
- Alarms - Details View
- Alarms Widget View
- Alarm Details List
Configuration
- Appliance Management
  - Appliance Settings
  - Backup / Restore Status
  - Certificate / Key Validation
    - Certificate Validation
    - Key Validation
  - Certificate Manager
  - Configuration Backup
  - Configuration Clear
  - Configuration Restore
  - Download Logs
    - Forensic and Log Backup
  - Language
  - Login / SSH Banners
  - Redundant Appliance Sync
- Structure Configuration
  - View And Manage Your Network Tree
  - Generate a Network Tree
  - Import the Network Tree
  - Floor Plans
- Auto-Placement Rules
  - View Auto-Placement Rules
  - Add an Auto-Placement Rule
  - Edit an Auto-Placement Rule
- Discovery Profile and Polling Configuration
  - Discovery Profile
  - Polling Configuration
    - Edit Polling Preferences
- Communication Profile
  - View Communication Profiles
  - Add a Communication Profile
  - Edit the Communication Profile
  - Delete Communication Profiles
- Security Profile
  - View Security Profile
  - Add a Security Profile
  - Edit a Security Profile
  - Delete a Security Profile
- Alarm Action Manager
  - View Alarm Action Manager Rule Set
  - Add Alarm Action Manager Rule Set
  - Edit Alarm Action Manager Rule Set
  - Delete Alarm Action Manager Rule Set
- Device Action Manager
  - View Device Action Manager Rule Set
  - Add a Device Action Manager Rule Set
  - Apply or Run the Device Action Manager Rule Sets
    - Apply Device Action Manager Rule Sets
    - Run Device Action Manager Rule Sets Manually
- Sensor Manager
  - Operation Tab
  - Settings Tab
- Alarm Configuration
- Wired Network Monitoring
- Performance Profile
  - View Performance Profile
  - Add Performance Profile
  - Apply Performance Profile
- Environment Monitoring
- Client Types
  - Manage Client Types
- Appliance Settings
- Device Age Out
- Configuration Backup
  - How Backups Work
  - View Backup Schedules
  - Scheduling Configuration Backup
- Forensic and Log Backup
  - Forensic Backup Configuration
  - Log Backup Configuration
- Configuration Restore
- Download Logs
  - Forensic and Log Backup
- Redundant Appliance Synchronization
  - How Synchronization Works
  - Synchronization Rules
  - _
  - Automatic Synchronization
  - Appliance Replacement Considerations
- Configuration Clear
- Language Settings
  - Change the Language
- License Management
  - Auto License Management
  - Add Licenses
  - Manage License Manually
- User Management
  - Manage User Accounts
  - User Group Management
  - User Profile Management
- Relay Server
  - Configure External Relay Server
  - Import Relay Servers
  - Internal Relay Server
- System Settings
  - Add System Log Server IP Address
System Overview
- AirDefense in Standalone Mode
- System Components
- System Requirements
- Version Compatibility for Upgrade
- Connecting to Hardware Appliance
- Configuring the Appliance
  - Add-On Modules
  - Hardware Dependencies
- System Configuration
- Selecting and Deploying APs and Sensors
- Connecting to the Network
- Assigning User Interfaces
- Basic Navigation
- Alarm Time Reporting
Extreme AirDefense on Virtual Platform
- Prerequisites
- Installing Extreme AirDefense 10.0 on VMware
- Install Extreme AirDefense on Xen Hypervisor
Menu
- Installing the Toolkit
- Open
  - Frame Capture Analysis
  - Spectrum Analysis
- Forensic Analysis-Basic
- Advanced Forensic Analysis
- Action Control
  - Action Control Table
  - Action Control Commands
- Reports
  - Web Reporting Interface
- Report Builder
- Connection Troubleshooting
- Scheduled AP Tests
  - Scheduled AP Test
    - On-demand AP Tests
    - AP Test License
- Scheduled Vulnerability Assessment
  - Scheduled Vulnerability Assessment
  - Vulnerability Assessment License
- Scheduled Events
  - Monitoring Scheduled Events
  - Altering Event Schedules
- Add Devices
- Import and Discovery
- Bluetooth Monitoring
AirDefense Dashboard
- The Dashboard
- Selecting Dashboard Scope
- Customizing Dashboard Views
  - View Customization
  - Draggable Components
- Dashboard Components
Network Tab
- Capabilities with a Central Management License
- Select-Network View
  - Show Menu
    - Viewing the Network
    - Types of Devices
  - Actions Menu
- Network Devices
- Association Tree
- Network Graph
- Network Filters
- Actions Menu
- Actions Descriptions
- Advanced Search
Alarms
- AirDefense Alarm Model
- Capabilities with a Central Management License
- Alarm Table
- Alarm Filters
- Alarm Categories and Criticality
  - Alarm Categories
  - Alarm Criticality
- Alarm Details
- Alarm Actions
Configuration Tab
- Search
- Appliance Platform
- Security & Compliance
- Network Assurance
- Infrastructure Management
- Operational Management
- Appliance Management
- Account Management
- Drop-down Menu Access
Security
- WIPS
- Planning Your Sensor Deployment
  - Deployment Considerations
- Physical and Electromagnetic Interference
  - Device Placement Considerations
- Planning Your Sensor Placement
- Sensor Monitoring
- Vulnerability Assessment
  - On-Demand Vulnerability Assessment
  - Scheduled Vulnerability Assessment
- WEP Cloaking
WLAN Management
- Infrastructure Management
- Operational Management
  - Pending State Audit
- Appliance Platform
  - Relay Server
  - Import Relay Server Information
Central Management Console
- Configuring Master/Slave Servers
  - Things to Remember
  - Sharing Certificates
- Adding a Slave Server
ADSPAdmin
- Accessing the ADSPadmin Console
- Manage System
- Manage the Database
- Software
- Configure AirDefense
Troubleshooting
- AP Testing
- Connection Troubleshooting
- Live RF
- Forensic RF
- Spectrum Analysis
- Advanced Spectrum Analysis
- Advanced Troubleshooting
- Assurance Suite (Network Assurance)
- Radio Share Network Assurance
- Customer Support
AirDefense Icons
- AirDefense Application Icons
- Wireless Client Icons
Legacy Content
- Menu
- AirDefense Dashboard
- Network Tab
- Alarms
- Configuration Tab
- Security
- WLAN Management
- Central Management Console
  - Configuring Master/Slave Servers
    - Things to Remember
    - Sharing Certificates
  - Adding a Slave Server
- ADSPAdmin
- Troubleshooting
- AirDefense Icons
  - AirDefense Application Icons
  - Wireless Client Icons
Glossary

For each report, provide the following information:

Field Description

Report Type Use the drop-down to select from one of the pre-created reports.

Scope Increase Factor Use the drop-down to select the scope of your report. The value in

this ﬁeld speciﬁes the number of levels to expand the scope of the

report. A value of 1 means only use the ﬂoor level. A value of 2

indicates that the ﬂoor and its parent level is to be included in this

report's scope.

Run immediate for previous Runs the report immediately for the period selected in the two

drop-down lists located within this ﬁeld.

Run on alarm clear / expire Runs the report when the alarm is either cleared manually or

expires automatically. To select a duration of time for this report,

use the two drop -down list located within this ﬁeld.

Publish Indicates how this report is published. A report can be one of

SHARED or PRIVATE. A shared report can be viewed by other users

of the AirDefense system. A private report can only be viewed by

you. When creating a report, provide a distinct name for it.

E-mail Indicates if the report is emailed to speciﬁc users. Provide a list of

recipients for this email, separated by semi-colon (;) in the ﬁeld

provided for the purpose.

WIPS Mitigation

WIPS Mitigation actions are a set of speciﬁc actions that you can take at the device level to mitigate

issues with wireless intrusion from devices that do not belong to your AirDefense system. You can also

conﬁgure and send SNMP trap messages to multiple SNMP services within your network.

Use the General tab of the WIPS Mitigation control to conﬁgure the various settings.

Similarly, use the SNMP Trap tab of this screen to conﬁgure SNMP servers to send SNMP traps to the

remote SNMP servers.

General Actions

The General tab of the WIPS Mitigation ﬁeld provides you with the following WIPS mitigation tools.

• ACL - When devices meet the criteria speciﬁed in the Alarms and the Filters tabs, these devices are

automatically added to a switch's access control list.

• Port Suppression - This action is used to suppress communication between unauthorized devices

and switches on your network.

•

Termination - This action is used to terminate devices that generate speciﬁc alarms as selected in the

Filters tab. An option to also terminate the device that a rogue device is paired to is also available.

ACL

The ACL action enables the Access Control List on switches that meet the conditions speciﬁed in the

ﬁlters.

Use the Scope Increase Factor drop-down to select the scope of this action. The value in this ﬁeld

speciﬁes the number of levels to expand the scope of the addition. A value of one (1) means only use

Conﬁguration

Add Alarm Action Manager Rule Set

Extreme AirDefense User Guide for version 10.5. 201