User's Guide
Table Of Contents
- Table of Contents
- Preface
- Introduction
- Extreme AirDefense New User Experience
- Dashboard
- View Dashboard
- Create a Dashboard
- Manage Your Dashboard
- Delete the Dashboard
- Dashboard Widgets
- WIPS Widgets
- Widget - Top Criticalities
- Widget - Top Security Alarms
- Widget - Top Wireless Exploits
- Widget - Top Wireless Extrusions
- Widget - Top Vulnerabilities
- Widget - Severity by Device
- Widget - Severity by Tree Level
- Widget - Rogue Access Points
- Widget - Recent Rogue Events
- Widget - Anomalies
- Widget - Top BT Security Alarms
- Widget - BT Security Threat By Category
- Widget - BT Security Threat by Tree Level
- STATs Widgets
- COMPLIANCE Widgets
- WIPS Widgets
- Network View
- Alarm View
- Configuration
- Appliance Management
- Appliance Settings
- Backup / Restore Status
- Certificate / Key Validation
- Certificate Manager
- Configuration Backup
- Configuration Clear
- Configuration Restore
- Download Logs
- Language
- Login / SSH Banners
- Redundant Appliance Sync
- Structure Configuration
- Auto-Placement Rules
- Discovery Profile and Polling Configuration
- Communication Profile
- Security Profile
- Alarm Action Manager
- Device Action Manager
- Sensor Manager
- Alarm Configuration
- Wired Network Monitoring
- Performance Profile
- Environment Monitoring
- Client Types
- Appliance Settings
- Device Age Out
- Configuration Backup
- Forensic and Log Backup
- Configuration Restore
- Download Logs
- Redundant Appliance Synchronization
- Configuration Clear
- Language Settings
- License Management
- User Management
- Relay Server
- System Settings
- Appliance Management
- System Overview
- AirDefense in Standalone Mode
- System Components
- System Requirements
- Version Compatibility for Upgrade
- Connecting to Hardware Appliance
- Configuring the Appliance
- System Configuration
- Selecting and Deploying APs and Sensors
- Connecting to the Network
- Assigning User Interfaces
- Basic Navigation
- Alarm Time Reporting
- Extreme AirDefense on Virtual Platform
- Menu
- AirDefense Dashboard
- Network Tab
- Capabilities with a Central Management License
- Select-Network View
- Network Devices
- Association Tree
- Network Graph
- Network Filters
- Actions Menu
- Actions Descriptions
- Advanced Search
- Alarms
- Configuration Tab
- Search
- Appliance Platform
- Security & Compliance
- Network Assurance
- Infrastructure Management
- Operational Management
- Alarm Action Manager
- Alarm Configuration
- Client Types
- Device Action Manager
- Device Age Out
- Job Status
- Location Based Services
- Location Subscriber Profiles
- Pending State - Audit
- Sensor Only Settings
- Sensor Operation
- Appliance Management
- Appliance Settings
- Backup / Restore Status
- Certificate / Key Validation
- Certificate Manager
- Configuration Backup
- Configuration Clear
- Configuration Restore
- Download Logs
- Language
- Login / SSH Banners
- Redundant Appliance Sync
- Account Management
- Drop-down Menu Access
- DevicesDrop-down Menu
- Device Functions Requiring More Explanation
- Network Level Drop-down Menus
- Global Tools
- Floor Plan Actions
- Floor Manipulation Tools
- Unplaced Devices Level Drop-down Menu
- Security
- WLAN Management
- Central Management Console
- ADSPAdmin
- Accessing the ADSPadmin Console
- Manage System
- Manage the Database
- Software
- Configure AirDefense
- Configure IDS
- IP Address Configuration
- IPv6
- NETPORT
- DNS Configuration
- Bonding Configuration
- hname Configuration
- dname Configuration
- Time Configuration
- Time Zone Configuration
- NTP Configuration
- PING Config
- SNMP Agent Configuration
- SNMP Community String Configuration
- SNMP Trap Configuration
- HTTP Configuration
- PANIC Configuration
- UIPORT Configuration
- Troubleshooting
- AirDefense Icons
- Legacy Content
- Menu
- AirDefense Dashboard
- Network Tab
- Capabilities with a Central Management License
- Select-Network View
- Network Devices
- Association Tree
- Network Graph
- Network Filters
- Actions Menu
- Actions Descriptions
- Advanced Search
- Alarms
- Configuration Tab
- Search
- Appliance Platform
- Security & Compliance
- Network Assurance
- Infrastructure Management
- Operational Management
- Alarm Action Manager
- Alarm Configuration
- Client Types
- Device Action Manager
- Device Age Out
- Job Status
- Location Based Services
- Location Subscriber Profiles
- Pending State - Audit
- Sensor Only Settings
- Sensor Operation
- Appliance Management
- Appliance Settings
- Backup / Restore Status
- Certificate / Key Validation
- Certificate Manager
- Configuration Backup
- Configuration Clear
- Configuration Restore
- Download Logs
- Language
- Login / SSH Banners
- Redundant Appliance Sync
- Account Management
- Drop-down Menu Access
- DevicesDrop-down Menu
- Device Functions Requiring More Explanation
- Network Level Drop-down Menus
- Global Tools
- Floor Plan Actions
- Floor Manipulation Tools
- Unplaced Devices Level Drop-down Menu
- Security
- WLAN Management
- Central Management Console
- ADSPAdmin
- Accessing the ADSPadmin Console
- Manage System
- Manage the Database
- Software
- Configure AirDefense
- Configure IDS
- IP Address Configuration
- IPv6
- NETPORT
- DNS Configuration
- Bonding Configuration
- hname Configuration
- dname Configuration
- Time Configuration
- Time Zone Configuration
- NTP Configuration
- PING Config
- SNMP Agent Configuration
- SNMP Community String Configuration
- SNMP Trap Configuration
- HTTP Configuration
- PANIC Configuration
- UIPORT Configuration
- Troubleshooting
- AirDefense Icons
- Glossary
on a per device basis. Each trap includes a message defining the significant event and optional
varbinds that provide additional information related to the event. Each infrastructure device includes
settings for enabling a specific trap or group of traps, where the trap(s) should be forwarded and what
community string should be used to allow the management station to process the trap (similar to a
password). Each infrastructure device must be configured to enable the proper traps, the trap receiver
(IP address of the Wireless Services Platform) and community string before the notifications will be
processed. By default, the community string "public" should be used when enabling traps on an
infrastructure device.
Note
To enable SNMP traps, you must use ADSPadmin. Details are included in the AirDefense
Services Platform 9.0 User Guide.
Infrastructure Alarms are broken down into the following nine sub-types:
• Device Operation - Device operation events are based on operations-related SNMP trap notifications
from infrastructure devices. The alarms in this category indicate that a standard process or service
on an infrastructure device has changed. Device operations can include a host of services from
Dynamic Host Configuration Protocol (DHCP), cluster or redundancy control, Remote Authentication
Dial-in User Service (RADIUS) server enablement or even Hotspot status changes. Events in this
category assist in understanding if the proper services are running on an infrastructure device and if
there may be any issues related to a specific service.
• Device Status - Device status events are based on operational status of an infrastructure device. The
alarms in this category indicate whether a device is running, in what state a device may be
operating, or if a device is currently oine. Device status events are not tied solely to the core
infrastructure device such as a wireless controller, but also includes the adopted / port status. An
may be denied adoption due to a wireless controller configuration option and an incorrect network
setup.
• Diagnostics - Diagnostics events are based on hardware and software status notifications received in
the form of SNMP traps for an infrastructure device. The alarms in this category trigger when
hardware and software resource limits are reached.
• MIB-II - MIB-II events are based on standard Management Information Base (MIB) II SNMP traps for
an infrastructure device. MIB-II traps are defined in RFC 1098 as traps supported by all devices that
use the MIB-II standard. While most devices will use MIB-II to define these traps - some devices have
ported these traps into their 'private' or 'proprietary' MIBs as defined by the hardware vendor.
• Others - All the unregistered SNMP traps from infrastructure devices.
• Performance - Performance events are based on the infrastructure device performance as related to
the wireless network. Events in this category provide critical information about wireless station
behavior (authentication and association), interference or congestion, and wireless utilization levels
in the environment.
• Platform Events - Platform events are based on configuration-related internal notifications and
configuration-related SNMP traps received from infrastructure devices. The alarms in this category
indicate that a configuration event has occurred on an infrastructure device including a configuration
change, a configuration is out of compliance or that a configuration update has failed. Device
configurations are monitored for changes on a periodic basis to ensure that the device configuration
matches the assigned profile for a device based upon the folder where a device is located. If the
configuration on the infrastructure device does not match an alert will trigger a notification of the
configuration change. SNMP trap notifications from devices can also indicate if a configuration has
changed.
Alarm
Configuration Configuration Tab
622 Extreme AirDefense User Guide for version 10.5.