User's Guide
Table Of Contents
- Table of Contents
- Preface
- Introduction
- Extreme AirDefense New User Experience
- Dashboard
- View Dashboard
- Create a Dashboard
- Manage Your Dashboard
- Delete the Dashboard
- Dashboard Widgets
- WIPS Widgets
- Widget - Top Criticalities
- Widget - Top Security Alarms
- Widget - Top Wireless Exploits
- Widget - Top Wireless Extrusions
- Widget - Top Vulnerabilities
- Widget - Severity by Device
- Widget - Severity by Tree Level
- Widget - Rogue Access Points
- Widget - Recent Rogue Events
- Widget - Anomalies
- Widget - Top BT Security Alarms
- Widget - BT Security Threat By Category
- Widget - BT Security Threat by Tree Level
- STATs Widgets
- COMPLIANCE Widgets
- WIPS Widgets
- Network View
- Alarm View
- Configuration
- Appliance Management
- Appliance Settings
- Backup / Restore Status
- Certificate / Key Validation
- Certificate Manager
- Configuration Backup
- Configuration Clear
- Configuration Restore
- Download Logs
- Language
- Login / SSH Banners
- Redundant Appliance Sync
- Structure Configuration
- Auto-Placement Rules
- Discovery Profile and Polling Configuration
- Communication Profile
- Security Profile
- Alarm Action Manager
- Device Action Manager
- Sensor Manager
- Alarm Configuration
- Wired Network Monitoring
- Performance Profile
- Environment Monitoring
- Client Types
- Appliance Settings
- Device Age Out
- Configuration Backup
- Forensic and Log Backup
- Configuration Restore
- Download Logs
- Redundant Appliance Synchronization
- Configuration Clear
- Language Settings
- License Management
- User Management
- Relay Server
- System Settings
- Appliance Management
- System Overview
- AirDefense in Standalone Mode
- System Components
- System Requirements
- Version Compatibility for Upgrade
- Connecting to Hardware Appliance
- Configuring the Appliance
- System Configuration
- Selecting and Deploying APs and Sensors
- Connecting to the Network
- Assigning User Interfaces
- Basic Navigation
- Alarm Time Reporting
- Extreme AirDefense on Virtual Platform
- Menu
- AirDefense Dashboard
- Network Tab
- Capabilities with a Central Management License
- Select-Network View
- Network Devices
- Association Tree
- Network Graph
- Network Filters
- Actions Menu
- Actions Descriptions
- Advanced Search
- Alarms
- Configuration Tab
- Search
- Appliance Platform
- Security & Compliance
- Network Assurance
- Infrastructure Management
- Operational Management
- Alarm Action Manager
- Alarm Configuration
- Client Types
- Device Action Manager
- Device Age Out
- Job Status
- Location Based Services
- Location Subscriber Profiles
- Pending State - Audit
- Sensor Only Settings
- Sensor Operation
- Appliance Management
- Appliance Settings
- Backup / Restore Status
- Certificate / Key Validation
- Certificate Manager
- Configuration Backup
- Configuration Clear
- Configuration Restore
- Download Logs
- Language
- Login / SSH Banners
- Redundant Appliance Sync
- Account Management
- Drop-down Menu Access
- DevicesDrop-down Menu
- Device Functions Requiring More Explanation
- Network Level Drop-down Menus
- Global Tools
- Floor Plan Actions
- Floor Manipulation Tools
- Unplaced Devices Level Drop-down Menu
- Security
- WLAN Management
- Central Management Console
- ADSPAdmin
- Accessing the ADSPadmin Console
- Manage System
- Manage the Database
- Software
- Configure AirDefense
- Configure IDS
- IP Address Configuration
- IPv6
- NETPORT
- DNS Configuration
- Bonding Configuration
- hname Configuration
- dname Configuration
- Time Configuration
- Time Zone Configuration
- NTP Configuration
- PING Config
- SNMP Agent Configuration
- SNMP Community String Configuration
- SNMP Trap Configuration
- HTTP Configuration
- PANIC Configuration
- UIPORT Configuration
- Troubleshooting
- AirDefense Icons
- Legacy Content
- Menu
- AirDefense Dashboard
- Network Tab
- Capabilities with a Central Management License
- Select-Network View
- Network Devices
- Association Tree
- Network Graph
- Network Filters
- Actions Menu
- Actions Descriptions
- Advanced Search
- Alarms
- Configuration Tab
- Search
- Appliance Platform
- Security & Compliance
- Network Assurance
- Infrastructure Management
- Operational Management
- Alarm Action Manager
- Alarm Configuration
- Client Types
- Device Action Manager
- Device Age Out
- Job Status
- Location Based Services
- Location Subscriber Profiles
- Pending State - Audit
- Sensor Only Settings
- Sensor Operation
- Appliance Management
- Appliance Settings
- Backup / Restore Status
- Certificate / Key Validation
- Certificate Manager
- Configuration Backup
- Configuration Clear
- Configuration Restore
- Download Logs
- Language
- Login / SSH Banners
- Redundant Appliance Sync
- Account Management
- Drop-down Menu Access
- DevicesDrop-down Menu
- Device Functions Requiring More Explanation
- Network Level Drop-down Menus
- Global Tools
- Floor Plan Actions
- Floor Manipulation Tools
- Unplaced Devices Level Drop-down Menu
- Security
- WLAN Management
- Central Management Console
- ADSPAdmin
- Accessing the ADSPadmin Console
- Manage System
- Manage the Database
- Software
- Configure AirDefense
- Configure IDS
- IP Address Configuration
- IPv6
- NETPORT
- DNS Configuration
- Bonding Configuration
- hname Configuration
- dname Configuration
- Time Configuration
- Time Zone Configuration
- NTP Configuration
- PING Config
- SNMP Agent Configuration
- SNMP Community String Configuration
- SNMP Trap Configuration
- HTTP Configuration
- PANIC Configuration
- UIPORT Configuration
- Troubleshooting
- AirDefense Icons
- Glossary
surrounded by parking areas, you may want to consider additional sensors in the back for complete
protection.
• Channel coverage - A single sensor should not be required to cloak more than 3 s at a time.
For eective cloaking there must be sucient cha WEP frames to confuse the statistical WEP
cracking tools. At the same time, the sensors must perform regular Wireless IPS scanning on other
channels. The sensors are designed to intelligently adjust their frequency scanning patterns.
However, to maximize cloaking eectiveness and scan all other channels for possible intrusions,
sensors should not be expected to cloak more than three APs, or more specifically three unique
communication channels at a time.
For Adequate Protection
Typically it will take several sensors deployed at the perimeter of the building to adequately protect all
wireless devices with WEP Cloaking. This also implies that, even in small stores, it may take more than
one sensor for adequate WEP Cloaking protection; the higher the density of sensors you deploy, the
better your legacy encryption devices will be protected. Any deployment should start with a site survey
or RF simulation of the WLAN environment, followed by a mapping of sensor coverage to access point
coverage of unique channels.
Sensor Placement with Location Tracking
Sensor density and sensor placement are the most important factors regarding overall positioning
resolution. Due to the nature of high frequency signals (2.4 GHz and 5 GHz) and limited signal strength
resolution in 802.11 devices, the positioning resolution and stability tends to be better near receivers/
sensors. To achieve accurate results, follow these guidelines:
• Place at least three independent sensors on the same floor plan so the system can capture the RSSI
values.
• Place a sensor in each area where accurate resolution is required or to increase overall sensor
density to ensure high RSSI values.
Considerations for Sensor Placement with Location Tracking
Every site is unique in terms of actual sensor coverage; this section merely describes sensor placement
and respective coverage in a simplified way. Actual signal propagation is a very complex issue due to
environmental factors like the reflection/absorption properties of materials (walls, furniture), large
moving object, etc.
• Sensors should be placed in corners, preferably in a way which minimizes random fluctuations in
signal strength caused by people moving around, opening / closing doors, windows or large objects
which may be moved during operation, etc.
• Sensors should not be placed in a straight lineto eliminate the possibility of having two or more
similar RSSI values from sensor combinations for dierent location, combined coverage areas for the
sensors should not be symmetric.
• Place additional sensors in areas where accuracy is importantto achieve repeatable and consistent
positioning resolution, sensors should be placed so that they measure unique signal strengths and
sensor combinations for each location considered significant.
IDS versus Location Tracking
Ideal sensor placement for Wireless IDS diers from that for Location Tracking.
Sensor Placement with Location Tracking
Security
850 Extreme AirDefense User Guide for version 10.5.