Users Guide
Table Of Contents
- Dell PowerConnect W- AirWave 7.5 User Guide
- Contents
- Chapter 1 Introduction
- Chapter 2 Installing and Getting Started
- Hardware Requirements and Installation Media
- Supported Browsers
- Installing Linux CentOS 6.2 (Phase 1)
- Installing AirWave Software (Phase 2)
- Getting Started
- Step 1: Configuring Date and Time
- Step 2: Checking for Prior Installations
- Step 3: Installing AMP Software
- Step 4: Checking the AirWave Installation
- Step 5: Assigning an IP Address to the AirWave System
- Step 6: Naming the AirWave Network Administration System
- Step 7: Generating AMP’s SSL Certificate
- Step 8: Changing the Default Root Password
- Completing the Installation
- Getting Started
- Upgrading AirWave
- Configuring and Mapping Port Usage for AMP
- AirWave Navigation Basics
- Getting Started with AirWave
- Chapter 3 Configuring AirWave
- Before You Begin
- Formatting the Top Header
- Customizing Columns in Lists
- Resetting Pagination Records
- Using the Pagination Widget
- Using Export CSV for Lists and Reports
- Defining Graph Display Preferences
- Customizing the Dashboard
- Customized Search
- Setting Severe Alert Warning Behavior
- Defining General AirWave Server Settings
- Defining AirWave Network Settings
- AirWave User Roles
- Creating AirWave Users
- Configuring Login Message, TACACS+, RADIUS, and LDAP Authentication
- Enabling AirWave to Manage Your Devices
- Setting Up Device Types
- Configuring Cisco WLSE and WLSE Rogue Scanning
- Configuring ACS Servers
- Integrating AirWave with an Existing Network Management Solution (NMS)
- Auditing PCI Compliance on the Network
- Deploying WMS Offload
- Chapter 4 Configuring and Using Device Groups
- AirWave Groups Overview
- Configuring Basic Group Settings
- Adding and Configuring Group AAA Servers
- Configuring Group Security Settings
- Configuring Group SSIDs and VLANs
- Configuring Radio Settings for Device Groups
- Cisco WLC Group Configuration
- Accessing Cisco WLC Configuration
- Navigating Cisco WLC Configuration
- Configuring WLANs for Cisco WLC Devices
- Defining and Configuring LWAPP AP Groups for Cisco Devices
- Viewing and Creating Cisco AP Groups
- Configuring Cisco Controller Settings
- Configuring Wireless Parameters for Cisco Controllers
- Configuring Cisco WLC Security Parameters and Functions
- Configuring Management Settings for Cisco WLC
- Configuring Group PTMP Settings
- Configuring Proxim Mesh Radio Settings
- Configuring Group MAC Access Control Lists
- Specifying Minimum Firmware Versions for APs in a Group
- Comparing Device Groups
- Deleting a Group
- Changing Multiple Group Configurations
- Modifying Multiple Devices
- Using Global Groups for Group Configuration
- Chapter 5 Discovering, Adding, and Managing Devices
- Device Discovery Overview
- Discovering and Adding Devices
- Monitoring Devices
- Viewing Device Monitoring Statistics
- Understanding the APs/Devices > Monitor Pages for All Device Types
- Monitoring Data Specific to Wireless Devices
- Evaluating Radio Statistics for an AP
- Monitoring Data for Mesh Devices
- Monitoring Data for Wired Devices (Routers and Switches)
- Understanding the APs/Devices > Interfaces Page
- Auditing Device Configuration
- Using Device Folders (Optional)
- Configuring and Managing Devices
- Troubleshooting a Newly Discovered Down Device
- Setting up Spectrum Analysis in AirWave
- Chapter 6 Creating and Using Templates
- Group Templates
- Viewing and Adding Templates
- Configuring General Template Files and Variables
- Configuring Templates for Dell PowerConnect W-Instant
- Configuring Templates for AirMesh
- Configuring Cisco IOS Templates
- Configuring Cisco Catalyst Switch Templates
- Configuring Symbol Controller / HP WESM Templates
- Configuring a Global Template
- Chapter 7 Using RAPIDS and Rogue Classification
- Chapter 8 Performing Daily Administration in AirWave
- Monitoring and Supporting AirWave with the System Pages
- Monitoring and Supporting WLAN Clients
- Overview of the Clients Pages
- Monitoring WLAN Users in the Clients > Connected and Clients > All Pages
- Monitoring Rogue Clients With the Clients > Rogue Clients Page
- Supporting Guest WLAN Users With the Clients > Guest Users Page
- Supporting VPN Users with the Clients > VPN Sessions Page
- Supporting RFID Tags With the Clients > Tags Page
- Evaluating and Diagnosing User Status and Issues
- Managing Mobile Devices with SOTI MobiControl and AirWave
- Monitoring and Supporting AirWave with the Home Pages
- Monitoring AirWave with the Home > Overview Page
- Viewing and Updating License Information
- Searching AirWave with the Home > Search Page
- Accessing AirWave Documentation
- Configuring Your Own User Information with the Home > User Info Page
- Using the System > Configuration Change Jobs Page
- Using the System > Firmware Upgrade Jobs Page
- Using the System > Performance Page
- Supporting AirWave Servers with the Master Console
- Backing Up AirWave
- Using AirWave Failover for Backup
- Logging out of AirWave
- Chapter 9 Creating, Running, and Emailing Reports
- Overview of AirWave Reports
- Using Daily Reports
- Viewing Generated Reports
- Using Custom Reports
- Using the Dell License Report
- Using the Capacity Planning Report
- Using the Configuration Audit Report
- Using the Device Summary Report
- Using the Device Uptime Report
- Using the IDS Events Report
- Using the Inventory Report
- Using the Memory and CPU Utilization Report
- Using the Network Usage Report
- Using the New Rogue Devices Report
- Using the New Users Report
- Using the PCI Compliance Report
- Using the Port Usage Report
- Using the RADIUS Authentication Issues Report
- Using the RF Health Report
- Using the Rogue Clients Report
- Using the Rogue Containment Audit Report
- Using the Client Session Report
- Defining Reports
- Emailing and Exporting Reports
- Chapter 10 Using VisualRF
- Features
- Useful Terms
- Starting VisualRF
- Basic QuickView Navigation
- Using the Settings in the VisualRF > Setup Page
- Configuring QuickView Personal Preferences
- Increasing Location Accuracy
- Using QuickView to Assess RF Environments
- Planning and Provisioning
- Creating a New Campus
- Creating a New Building in a Campus
- Importing a Floor Plan
- Editing a Floor Plan Image
- Cropping the Floor Plan Image
- Sizing a Non-CAD Floor Plan
- Removing Color from a Floor Plan Image
- Assigning Campus, Building and Floor Numbers
- Assigning Optional Planner, Owner, or Installer Information for the Floor Plan
- Controlling the Layers in the Uploaded Floor Plan (CAD only)
- Error Checking of CAD Images
- Last Steps in Editing an Uploaded Image
- Provisioning Existing Access Points onto the Floor Plan
- Automatically Provisioning APs onto a Floor Plan
- Tweaking a Planning Region
- Auto-Matching Planned Devices
- Printing a Bill of Materials Report
- Importing and Exporting in VisualRF
- VisualRF Location APIs
- About VisualRF Plan
- Appendix A Setting Up Dell PowerConnect-W Instant in AirWave
- Overview of Dell PowerConnect W-Instant
- Using Dell PowerConnect W-Instant with AirWave
- Setting up Dell PowerConnect-W Instant
- Remaining Manual Admin Tasks in AirWave
- Adding Additional Instant APs to AirWave
- Changing the Mode to Monitor Only for New Instant Devices
- AirWave Pages with Instant-Specific Features
- Other Available Features
- Known Issues of the Dell PowerConnect-W Instant Integration with AirWave
- Index
![](/manual/dell/w-airwave/6-5-4-3-2-1-users-guide-english/images/img-198.png)
186 | Using RAPIDS and Rogue Classification Dell PowerConnect W-AirWave 7.5 | User Guide
Each rogue device frequently has multiple discovery methods, all of which are listed.
As you work through the rogue devices, use the Name and Notes fields to identify the AP and document its
location.
You can use the global filtering options on the RAPIDS > Setup page to filter rogue devices according to
signal strength, ad-hoc status, and discovered by remote APs.
VisualRF uses the heard signal information to calculate the physical location of the device.
If the device is seen on the wire, RAPIDS reports the switch and port for easy isolation.
If you find that the rogue belongs to a neighboring business, for example, you can override the classification to
a neighbor and acknowledge the device. Otherwise, it is strongly recommended that you extract the device
from your building and delete the rogue device from your system. If you delete a rogue, you will be notified
the next time it is discovered.
Most columns in the Discovery Events list table on this page can be filtered using the funnel icon ( ).
To update a rogue device:
1. Select the Identify OS for Suspected Rogues option if an IP address is available to obtain operating system
information using an nmap scan. Note that if you are running wireline security software on your network, it
may identify your AirWave as a threat, which you can ignore.
2. Select the Ignore button if the rogue device is to be ignored. Ignored devices will not trigger alerts if they are
rediscovered or reclassified.
3. Select the Delete button if the rogue device is to be removed from AirWave processing.
Viewing Ignored Rogue Devices
The RAPIDS > List page allows you to view ignored rogues—devices that have been removed from the rogue
count displayed by AirWave. Such devices do not trigger alerts and do not display on lists of rogue devices. To
display ignored rogue devices, select View Ignored Rogues at the bottom left of the page.
Once a classification that has rogue devices is chosen from the drop-down menu, a detailed table displays all
known information.
Using RAPIDS Workflow to Process Rogue Devices
One suggested workflow for using RAPIDS is as follows:
Start from the RAPIDS > List page. Sort the devices on this page based on classification type. Begin with
Rogue APs, working your way through the devices listed.
Select Modify Devices, then select all devices that have an IP address and select Identify OS. AirWave
performs a port scan on the device and attempts to determine the operating system (see “Setting Up
RAPIDS” on page175)
You should investigate devices running an embedded Linux OS installation. The OS scan can help identify
false positives and isolate some devices that should receive the most attention.
Find the port and switch at which the device is located and shut down the port or follow wiring to the device.
To manage the rogue, remove it from the network and acknowledge the rogue record. If you want to allow it
on the network, classify the device as valid and update with notes that describe it.
NOTE: Not all rogue discovery methods will have all information required for resolution. For example, the switch/router
information, port, or IP address are found only through switch or router polling. Furthermore, RSSI, signal, channel, SSID, WEP, or
network type information only appear through wireless scanning. Such information can vary according to the device type that
performs the scan.