Dell PowerConnect W-Airwave 8.0 User Manual

Dell Networking

W-AirWave 8.0

User Guide

Wireless Networks®, the registered Aruba the Mobile Edge Company logo, and Aruba Mobility Management System®. Dell™, the DELL™ logo, and PowerConnect™ are trademarks of Dell Inc.

Originated in the USA. All other trademarks are the property of their respective owners.

Open Source Code

Certain Aruba products include Open Source software code developed by third parties, including software code subject to the GNU General Public License (GPL), GNU Lesser General Public License (LGPL), or other Open Source Licenses. Includes software from Litech Systems Design. The IF-MAP client library copyright 2011 Infoblox, Inc. All rights reserved. This product includes software developed by Lars Fenneberg, et al. The Open Source code used can be found at this site:

http://www.arubanetworks.com/open_source

Legal Notice

The use of Aruba Networks, Inc. switching platforms and software, by all individuals or corporations, to terminate other vendors’ VPN client devices constitutes complete acceptance of liability by that individual or corporation for this action and indemnifies, in full, Aruba Networks, Inc. from any and all legal actions that might be taken against it with respect to infringement of copyright on behalf of those vendors.

June 2014 | 0510897-18 Dell Networking W-AirWave 8.0 | User Guide

Contents

Introduction 13

A Unified Wireless Network Command Center 13

AirWave Management Platform 13 Controller Configuration 14 Instant Configuration 14 VisualRF 14 RAPIDS 15 Master Console and Failover 15

Integrating AirWave into the Network and Organizational Hierarchy 15

Administrative Roles 16

Configuring AirWave 17

Before You Begin 17 Formatting the Top Header 17 Customizing Columns in Lists 19 Resetting Pagination Records 20 Using the Pagination Widget 21 Using Export CSV for Lists and Reports 21 Defining Graph Display Preferences 21 Customizing the Dashboard 22

Adding Widgets 23

Available Widgets 23

Search Preferences 26 Setting Severe Alert Warning Behavior 27 Defining General AirWave Server Settings 28

AMP Setup > General 28

General Settings 29 Automatic Authorization Settings 30 Top Header Settings 31 Search Method 31 Home Overview Preferences 31 Display Settings 31 Device Configuration Settings 32 AMP Features 33 External Logging Settings 33 Historical Data Retention Settings 34 Firmware Upgrade Defaults 36 Additional AMP Services 36 Performance Settings 38

Defining AirWave Network Settings 39

Primary Network Interface Settings 40 Secondary Network Interface Settings 40 Network Time Protocol (NTP) Settings 40

Static Routes 41 Creating AirWave Users 41 AirWave User Roles 43

Dell Network ing W-AirWave 8.0 | User Guide Contents | 3

User Roles and VisualRF 43

Creating AirWave User Roles 43 Configuring Login Message, TACACS+, RADIUS, and LDAP Authentication 48

Setting Up Login Configuration Options 49

Configuring Whitelists 49

Setting Up Certificate Authentication 50

Setting Up Single Sign-On 50

Specifying the Authentication Priority 51

Configuring RADIUS Authentication and Authorization 51

Integrating a RADIUS Accounting Server 52

Configuring TACACS+ Authentication 53

Configuring LDAP Authentication and Authorization 55 Enabling AirWave to Manage Your Devices 58

Configuring Communication Settings for Discovered Devices 58

Loading Device Firmware Onto AirWave (optional) 61 Setting Up Device Types 64

Configuring Cisco WLSE and WLSE Rogue Scanning 65

Introduction to Cisco WLSE 65 Initial WLSE Configuration 66

Adding an ACS Server for WLSE 66

Enabling Rogue Alerts for Cisco WLSE 66

Configuring WLSE to Communicate with APs 66

Discovering Devices 66

Managing Devices 67

Inventory Reporting 67

Defining Access 67

Grouping 67 Configuring IOS APs for WDS Participation 67

WDS Participation 68

Primary or Secondary WDS 68 Configuring ACS for WDS Authentication 68 Configuring Cisco WLSE Rogue Scanning 68

Configuring ACS Servers 70 Integrating AirWave with an Existing Network Management Solution (NMS) 71 Auditing PCI Compliance on the Network 73

Introduction to PCI Requirements 73 PCI Auditing 73 Enabling or Disabling PCI Auditing 75

Deploying WMS Offload 76

Overview of WMS Offload in AirWave 76 General Configuration Tasks Supporting WMS Offload in AirWave 76 Additional Information Supporting WMS Offload 77

Configuring and Using Device Groups 78

AirWave Groups Overview 80

Viewing All Defined Device Groups 81

Configuring Basic Group Settings 82 Adding and Configuring Group AAA Servers 91 Configuring Group Security Settings 92 Configuring Group SSIDs and VLANs 96 Configuring Radio Settings for Device Groups 100

4 | Contents Dell Network ing W-AirWave 8.0 | User Guide

Cisco WLC Group Configuration 104

Accessing Cisco WLC Configuration 104 Navigating Cisco WLC Configuration 104 Configuring WLANs for Cisco WLC Devices 105 Defining and Configuring LWAPP AP Groups for Cisco Devices 108 Viewing and Creating Cisco AP Groups 108 Configuring Cisco Controller Settings 108 Configuring Wireless Parameters for Cisco Controllers 109 Configuring Cisco WLC Security Parameters and Functions 109 Configuring Management Settings for Cisco WLC Controllers 110

Configuring Group PTMP Settings 110 Configuring Proxim Mesh Radio Settings 111 Configuring Group MAC Access Control Lists 113 Specifying Minimum Firmware Versions for APs in a Group 114 Comparing Device Groups 115 Deleting a Group 116 Changing Multiple Group Configurations 117 Modifying Multiple Devices 118 Using Global Groups for Group Configuration 120

Discovering, Adding, and Managing Devices 124

Device Discovery Overview 124 Discovering and Adding Devices 124

SNMP/HTTP Scanning 124

Adding Networks for SNMP/HTTP Scanning 125

Adding Credentials for Scanning 125

Defining a Scan Set 126

Running a Scan Set 127 The Cisco Discovery Protocol (CDP) 129 Authorizing Devices to AirWave from APs/Devices > New Page 129 Manually Adding Individual Devices 129

Adding Devices with the Device Setup > Add Page 130

Adding Multiple Devices from a CSV File 133

Adding Universal Devices 134 Assigning Devices to the Ignored Page 134 Unignoring a Device 135

Monitoring Devices 136

Viewing Device Monitoring Statistics 136 Creating CustomFiltered Views 137 Understanding the APs/Devices > Monitor Pages for All Device Types 138 Monitoring Data Specific to Wireless Devices 139 Evaluating Radio Statistics for an AP 146

Overview of the Radio Statistics Page 146

Viewing Real-Time ARM Statistics 146

Issues Summary section 147

802.11 Radio Counters Summary 147

Radio Statistics Interactive Graphs 148

Recent ARM Events Log 149

Detected Interfering Devices Table 150

Active BSSIDs Table 151 Monitoring Data for Mesh Devices 151

Dell Network ing W-AirWave 8.0 | User Guide Contents | 5

Monitoring Data for Wired Devices (Routers and Switches) 152 Understanding the APs/Devices > Interfaces Page 154

Auditing Device Configuration 155 Using Device Folders (Optional) 156

Configuring and Managing Devices 157

Moving a Device from Monitor Only to Manage Read/Write Mode 157 Configuring AP Settings 158 Setting a Maintenance Window for a Device 165 Configuring Device Interfaces for Switches 166 Individual Device Support and Firmware Upgrades 169

Troubleshooting a Newly Discovered Down Device 172 Using AirWave to Set up Spectrum Analysis 174

Spectrum Configurations and Prerequisites 174 Setting up a Permanent Spectrum Dell AP Group 175 Configuring an Individual AP to run in Spectrum Mode 176 Configuring a Controller to use the Spectrum Profile 177

Creating and Using Templates 178

Group Templates 178

Supported Device Templates 178 Template Variables 179

Viewing and Adding Templates 180 Configuring General Template Files and Variables 183

Configuring General Templates 183

IOS Configuration File Template 184

Device Configuration File on APs/Devices > Audit Configuration Page 184 Using Template Syntax 185 Using AP-Specific Variables 185 Using Directives to Eliminate Reporting of Configuration Mismatches 185

Ignore_and_do_not_push Command 186

Push_and_exclude Command 186 Using Conditional Variables in Templates 186 Using Substitution Variables in Templates 187

Configuring Templates for Dell Networking W-Instant 188 Configuring Templates for AirMesh 189 Configuring Cisco IOS Templates 190

Applying Startup-config Files 190 WDS Settings in Templates 190 SCP Required Settings in Templates 191 Supporting Multiple Radio Types via a Single IOS Template 191 Configuring Single and Dual-Radio APs via a Single IOS Template 191

Configuring Cisco Catalyst Switch Templates 192 Configuring Symbol Controller / HP WESM Templates 192 Configuring a Global Template 194

Using RAPIDS and Rogue Classification 198

Introduction to RAPIDS 198 Viewing Overall Network Health on RAPIDS > Overview 198 Setting Up RAPIDS 200

RAPIDS Setup 200

Basic Configuration 200

Classification Options 201

6 | Contents Dell Network ing W-AirWave 8.0 | User Guide

Containment Options 201

Filtering Options 202 Additional Settings 202

Defining RAPIDS Rules 203

Controller Classification with WMS Offload 203 Device OUI Score 204 Rogue Device Threat Level 204 Viewing and Configuring RAPIDS Rules 204

Deleting or Editing a Rule 207 Recommended RAPIDS Rules 207 Using RAPIDS Rules with Additional AirWave Functions 208

Viewing Rogues on the RAPIDS > List Page 208 Overview of the RAPIDS > Detail Page 211

Viewing Ignored Rogue Devices 212 Using RAPIDS Workflow to Process Rogue Devices 212

Score Override 212 Using the Audit Log 214 Additional Resources 214

Performing Daily Administration in AirWave 216

Monitoring and Supporting AirWave with the System Pages 216

Using the System > Status Page 217 Viewing Device Events in System > Syslog & Traps 218 Using the System > Event Log Page 219 Triggers and Alerts 220

Creating New Triggers 220

Viewing, Delivering, and Responding to Triggers and Alerts 228

Backing Up AirWave 231

Viewing and Downloading Backups 231 Running Backup on Demand 231 Restoring from a Backup 231 Using the System > Configuration Change Jobs Page 232 Using the System > Firmware Upgrade Jobs Page 232 Using the System > Performance Page 233

Monitoring and Supporting WLAN Clients 236

Overview of the Clients Pages 237 Monitoring Your Network with the Clients > Overview Page 238 Monitoring WLAN Users in the Clients > Connected and Clients > All Pages 239 Monitoring Rogue Clients With the Clients > Rogue Clients Page 243 Supporting Guest WLAN Users With the Clients > Guest Users Page 244 Supporting VPN Users with the Clients > VPN Sessions Page 247 Supporting RFID Tags With the Clients > Tags Page 248

Evaluating and Diagnosing User Status and Issues 249

Evaluating User Status with the Clients > Client Detail Page 249

Mobile Device Access Control in Clients > Client Detail and Clients > Connected 250

Classifying Dell Devices in Client Detail 251

Quick Links for Clients on Dell Devices 251

Using the Deauthenticate Client Feature 252

Viewing a Client’s Association History 252

Viewing the Rogue Association History for a Client 253 Evaluating Client Status with the Clients > Diagnostics Page 253

Dell Network ing W-AirWave 8.0 | User Guide Contents | 7

Managing Mobile Devices with SOTI MobiControl and AirWave 254

Overview of SOTI MobiControl 254 Prerequisites for Using MobiControl with AirWave 254 Adding a Mobile Device Management Server for MobiControl 254 Accessing MobiControl from the Clients > Client Detail Page 255

Monitoring and Supporting AirWave with the Home Pages 255

Monitoring AirWave with the Home > Overview Page 256 Using the Home >AppRF Page 258 Using the Home >UCC Page 259 Call Quality 260 Quality Correlation 260 Call Volume 260 Devices 260 UCC Chart Details 260 Viewing the Home >RF Performance Page 261 Viewing the Home >RFCapacity Page 262 Viewing the Home > Network Deviations Page 264

How Standard Deviation is Calculated 265 The Home > Search Page 266 Accessing AirWave Documentation 267 Viewing and Updating License Information 267 Configuring Your Own User Information with the Home > User Info Page 269

Supporting AirWave Servers with the Master Console 271

Using the Public Portal on Master Console 272 Adding a Managed AMP with the Master Console 273 Using Global Groups with Master Console 274

Controller Backups and Restoration 274 Using AirWave Failover for Backup 275

Navigation Section of AirWave Failover 275 Adding Watched AirWave Stations 275

Logging out of AirWave 276

Creating, Running, and Emailing Reports 278

Overview of AirWave Reports 278

Reports > Definitions Page Overview 278 Reports > Generated Page Overview 280

Defining Reports 281 Using Daily Reports 287

Viewing Generated Reports 288 Using Custom Reports 288 Using the Dell Networking W License Report 289 Using the Capacity Planning Report 290

Example 290 Using the Client Inventory Report 292

Example 292 Using the Client Session Report 294 Using the Configuration Audit Report 296 Using the Device Summary Report 297 Using the Device Uptime Report 299 Using the IDS Events Report 300 Using the Inventory Report 302

8 | Contents Dell Network ing W-AirWave 8.0 | User Guide

Example 302 Using the Match Event Report 304 Using the Memory and CPU Utilization Report 305 Using the Network Usage Report 306 Using the New Clients Report 308 Using the New Rogue Devices Report 309 Using the PCI Compliance Report 311 Using the Port Usage Report 312 Using the RADIUS Authentication Issues Report 314 Using the RF Health Report 315 Using the Rogue Clients Report 316 Using the Rogue Containment Audit Report 318 Using the VPN Session Report 318

Emailing and Exporting Reports 319

Emailing Reports in General Email Applications 319 Emailing Reports to Smarthost 320 Exporting Reports to XML, CSV, or PDF 320

Using VisualRF 322

Features 323 Useful Terms 323 Starting VisualRF 324 Basic VisualRF Navigation 324

Network View Navigation 325 Floorplan View Navigation 326

Display Devices 326

Overlays 326

Relation Lines 327

Floorplan Features 327 Mesh View Navigation 327 Configuring Flash UI Personal Preferences 329

General Flash UI Preferences 329

AP Flash UI Preferences 330

Clients Flash UI Preferences 331

Overlays Flash UI Preferences 331

Grid Lines Flash UI Preferences 332

Navigation Flash UI Preferences 332

Advanced Settings in VisualRF > Setup 333

Server Settings 334 Location Settings 335 Location Calculation Timer Settings 336 Attenuation Settings 338

Adding a New Attenuation 339 VisualRF Resource Utilization 339

Planning and Provisioning 340

Creating a New Campus 340 Creating a New Building 340 Creating a Floor Plan 342 Editing a Floor Plan Image 342

Cropping the Floor Plan Image 342

Sizing a Non-CAD Floor Plan 343

Dell Network ing W-AirWave 8.0 | User Guide Contents | 9

Defining Floor Plan Boundaries 344

Legacy VisualRF Floor Plan Configuration Options 344 Defining Floor Plan Regions 345

Adding Region to a New Floor using the Floor Upload Wizard 345

Adding a Region to an Existing Floor Plan 345

Legacy Region Configuration Settings 346 Editing a Planning Region 349 Floor Plan Properties 349 Adding Deployed Access Points onto the Floor Plan 349 Adding Planned APs onto the Floor Plan 350 Auto-Matching Planned Devices 351 Printing a Bill of Materials Report 351

Increasing Location Accuracy 352

Adding Exterior Walls 353 Defining Stationary Devices 354 Fine-Tuning Location Service in VisualRF > Setup 355

Decreasing Grid Size 355

Enabling Dynamic Attenuation 355

Configuring Infrastructure 355

Deploying APs for Client Location Accuracy 356 Adding Client Surveys 357

Using VisualRF to Assess RF Environments 359

Viewing a Wireless User’s RF Environment 359

Tracking Location History 360

Checking Signal Strength to Client Location 361 Viewing an AP’s Wireless RF Environment 361 Viewing a Floor Plan’s RF Environment 362 Viewing a Network, Campus, Building’s RF Environment 363 Viewing Campuses, Buildings, or Floors from a List View 363 Viewing Campuses, Buildings, or Floors from a Tree View 364

Importing and Exporting in VisualRF 365

Exporting a campus 365 Importing from CAD 365 Batch Importing CAD Files 365

Requirements 365

Pre Processing Steps 366

Upload Processing Steps 366

Post Processing Steps 366

Sample Upload Instruction XML File 366

Common Importation Problems 367 Importing from a Dell Networking W-Series Controller 367

Pre-Conversion Checklist 367

Process on Controller 367

Process on AirWave 367

VisualRF Location APIs 368

Sample Device Location Response 368 Sample Site Inventory Response 368

About VisualRF Plan 369

Overview 369 Minimum requirements 369

10 | Contents Dell Networki ng W-Ai rWav e 8.0 | User Guide

VisualRF Plan Installation 369 Differences between VisualRF and VisualRF Plan 369

Index 371

Dell Network ing W-AirWave 8.0 | User Guide Contents | 11

12 | Contents Dell Networki ng W-Ai rWav e 8.0 | User Guide

Chapter 1

Introduction

Thank you for choosing Dell Networking W-AirWave 8.0.AirWave makes it easy and efficient to manage your wireless network by combining industry-leading functionality with an intuitive user interface, enabling network administrators and helpdesk staff to support and control even the largest wireless networks in the world.

The User Guide provides instructions for the configuration and operation of Dell Networking W-AirWave. This section includes the following topics:

l "A Unified Wireless Network Command Center" on page 13

l "Integrating AirWave into the Network and Organizational Hierarchy " on page 15

Refer to the

Dell Networking W-AirWave 8.0 Installation Guide

for information on installing and upgrading AirWave.

A Unified Wireless Network Command Center

Dell Networking W-AirWave 8.0 is the only network management software that offers you a single intelligent console from which to monitor, analyze, and configure wireless networks in automatic fashion. Whether your wireless network is simple or a large, complex, multi-vendor installation, AirWave manages it all.

AirWave supports hardware from leading wireless vendors including the following:

l Dell Networking W-Series

l Aruba Networks®

l Avaya™

l Cisco® (Aironet and WLC)

l Enterasys®

l Juniper Networks®

l LANCOM Systems

l Meru Networks®

l Nortel Networks™

l ProCurve™ by HP®

l Proxim®

l Symbol™

l Trapeze™

l Tropos™

and many others.

The components of AirWave are described in the next section.

AirWave Management Platform

The AirWave Management Platform (AirWave) is the centerpiece of AirWave, offering the following functions and benefits:

l Core network management functionality:

n Network discovery

Dell Network ing W-AirWave 8.0 | User Guide Introduction | 13

n Configuration of APs & controllers

n Automated compliance audits

n Firmware distribution

n Monitoring of every device and user connected to the network

n Real-time and historical trend reports

l Granular administrative access

n Role-based (for example, Administrator contrasted with Help Desk)

n Network segment (for example, Retail Store network contrasted with Corporate HQ network)

l Flexible device support

n Thin, thick, mesh network architecture

n Multi-vendor support

n Current and legacy hardware support

Controller Configuration

AirWave supports global and group-level configuration of Dell Networking W-Series ArubaOS (AOS), the operating system, software suite, and application engine that operates mobility and centralizes control over the entire mobile environment. For a complete description of Dell Networking W-Series ArubaOS, refer to the Dell Networking W-Series ArubaOS User Guide for your specific version.

AirWave consolidates and pushes global controller configurations from within AirWave.

Two pages in AirWave support controller configuration:

l Device Setup > Dell Configuration for global Dell Configuration. This page is available if Use Global Dell

Configuration is set to Yes in AMP Setup > General.

l Groups > Controller Config for group-level configuration.

For additional information that includes a comprehensive inventory of all pages and settings that support Dell Networking W Configuration, refer to the Dell Networking W-AirWave 8.0 Controller Configuration Guide.

Instant Configuration

Dell Networking W-Instant (Instant) is a system of access points in a Layer 2 subnet. The IAPs are controlled by a single IAP that serves a dual role as an W-IAP and primary Virtual Controller (VC), eliminating the need for dedicated controller hardware. This system can be deployed through a simplified setup process appropriate for smaller organizations, or for multiple geographically dispersed locations without an on-site administrator.

With AirWave, IT can centrally configure, monitor, and troubleshoot Aruba Instant WLANs, upload new software images, track devices, generate reports, and perform other vital management tasks, all from a remote location.

Starting with AirWave 8.0, a Virtual Controller or Instant AP can authenticate to the AirWave server using a pre-shared key, or using two-way certificate-based authentication using an SSL certificate sent from AirWave to the Instant device. Virtual Controllers push data to AirWave via HTTPS. If your enterprise has a security policy that restricts the use of port 443 for inbound communication, you can change the port AirWave uses to communicate with Instant devices.

For additional information that includes a comprehensive inventory of all pages and settings that support Instant Configuration, refer to the Dell Networking W-Instant in Dell Networking W-AirWave 8.0 Deployment Guide.

VisualRF

VisualRF is a powerful tool for monitoring and managing radio frequency (RF) dynamics within your wireless network, to include the following functions and benefits:

l Accurate location information for all wireless users and devices

14 | Introduction Del l Networki ng W-Ai rWav e 8.0 | User Guide

l Up-to-date heat maps and channel maps for RF diagnostics

n Adjusts for building materials

n Supports multiple antenna types

l Floor plan, building, and campus views

l Visual display of errors and alerts

l Easy import of existing floor plans and building maps

l Planning of new floor plans and AP placement recommendations

RAPIDS

RAPIDS is a powerful and easy-to-use tool for monitoring and managing security on your wireless network, to include the following features and benefits:

l Automatic detection of unauthorized wireless devices

l Rogue device classification that supports multiple methods of rogue detection

l Wireless detection:

n Uses authorized wireless APs to report other devices within range.

n Calculates and displays rogue location on VisualRF map.

l Wired network detection:

n Discovers rogue APs located beyond the range of authorized APs/sensors.

n Queries routers and switches.

n Ranks devices according to the likelihood they are rogues.

n Multiple tests to eliminate false positive results.

n Provides rogue discovery that identifies the switch and port to which a rogue device is connected.

Master Console and Failover

The Dell Networking W-AirWave Master Console and Failover tools enable network-wide information in easy-tounderstand presentation, to entail operational information and high-availability for failover scenarios. The benefits of these tools include the following:

l Provides network-wide visibility, even when the WLAN grows to 50,000+ devices

l Executive Portal allows executives to view high-level usage and performance data

l Aggregated alerts

l Failover

n Many-to-one failover

n One-to-one failover

The Master Console and Failover servers can be configured with a Device Down trigger that generates an alert if communication is lost. In addition to generating an alert, the Master Console or Failover server can also send email or NMS notifications about the event.

Integrating AirWave into the Network and Organizational Hierarchy

AirWave generally resides in the NOC and communicates with various components of your WLAN infrastructure. In basic deployments, AirWave communicates solely with indoor wireless access points (and WLAN controllers over the wired network. In more complex deployments, AirWave seamlessly integrates and communicates with authentication servers, accounting servers, TACACS+ servers, LDAP servers, routers, switches, network management servers, wireless IDS solutions, helpdesk systems, indoor wireless access points, mesh devices. AirWave has the flexibility to manage

Dell Network ing W-AirWave 8.0 | User Guide Introduction | 15

devices on local networks, remote networks, and networks using Network Address Translation (NAT). AirWave communicates over-the-air or over-the-wire using a variety of protocols.

The power, performance, and usability of AirWave become more apparent when considering the diverse components within a WLAN. Table 1 itemizes some example network components.

Table 1:

Components of a WLAN

Component Description

Autonomous AP Standalone device which performs radio and authentication functions

Thin AP Radio-only device coupled with WLAN controller to perform authentication

WLAN Controller Used in conjunction with thin APs to coordinate authentication and roaming

NMS Network Management Systems and Event Correlation (OpenView, Tivoli, and so forth)

RADIUS Authentication

RADIUS Accounting AirWave itself serves as a RADIUS accounting client

Wireless Gateways Provide HTML redirect and/or wireless VPNs

TACACS+ and LDAP Used to authenticate AirWave administrative users

Routers/Switches Provide AirWave with data for user information and AP and Rogue discovery

Help Desk Systems Remedy EPICOR

Rogue APs Unauthorized APs not registered in the AirWave database of managed APs

RADIUS authentication servers (Funk, FreeRADIUS, ACS, or IAS)

Administrative Roles

The flexibility of AirWave enables it to integrate seamlessly into your business hierarchy as well as your network topology. AirWave facilitates various administrative roles to match each individual user's role and responsibility:

l A Help Desk user can be given read-only access to monitoring data without being permitted to make configuration

changes.

l A U.S.-based network engineer can be given read-write access to manage device configurations in North America,

but not to control devices in the rest of the world.

l A security auditor can be given read-write access to configure security policies across the entire WLAN.

l NOC personnel can be given read-only access to monitoring all devices from the Master Console.

16 | Introduction Del l Networki ng W-Ai rWav e 8.0 | User Guide

Configuring AirWave

This section contains the following procedures to deploy initial AirWave configuration:

l "Formatting the Top Header" on page 17

l "Customizing Columns in Lists" on page 19

l "Resetting Pagination Records" on page 20

l "Using the Pagination Widget" on page 21

l "Using Export CSV for Lists and Reports" on page 21

l "Defining Graph Display Preferences" on page 21

l "Customizing the Dashboard" on page 22

l "Setting Severe Alert Warning Behavior" on page 27

l "Defining General AirWave Server Settings" on page 28

l "Defining AirWave Network Settings" on page 39

l "Creating AirWave User Roles" on page 43

l "Creating AirWave Users" on page 41

l "Configuring Login Message, TACACS+, RADIUS, and LDAP Authentication" on page 48

l "Enabling AirWave to Manage Your Devices" on page 58

l "Setting Up Device Types" on page 64

l "Configuring Cisco WLSE and WLSE Rogue Scanning" on page 65

l "Configuring ACS Servers" on page 70

l "Integrating AirWave with an Existing Network Management Solution (NMS) " on page 71

l "Auditing PCI Compliance on the Network" on page 73

l "Deploying WMS Offload" on page 76

Chapter 2

Additional configurations are available after basic configuration is complete.

Before You Begin

Remember to complete the required configurations in this chapter before proceeding. Dell support remains available to you for any phase of AirWave installation.

Formatting the Top Header

The Dell Networking W-AirWave interface centers around a horizontal row of tabs with nested subtabs.

A row of statistics hyperlinks called Top Header Stats above the tabs represents commonly used subtabs. These hyperlinks provide the ability to view certain key statistics by mousing over, such as number and type of Down devices, and serve as shortcuts to frequently viewed subtabs. Figure 1 illustrates the navigation bar. More information on hyperlinks, tabs, and subtabs is a available in the Dell Networking W-AirWave 8.0 Installation Guide.

Dell Network ing W-AirWave 8.0 | User Guide Configuring AirWave | 17

Figure 1:Navigation Bar Displaying Down Device Statistics

You can control the Top Header Stats links that appear from the AMP Setup > General page, as described in "Defining

General AirWave Server Settings" on page 28. Top Header Stats can also be customized for individual users on the

Home > User Info page. There you can select the statistics to display for certain device types and override the AMP Setup page.

All possible display options for users are show in Figure 2.

A confirmation message does not appear when you make modifications to the Top Header Stats.

Refer to "Configuring Your Own User Information with the Home > User Info Page" on page 269 for more information.

Figure 2:Home > User Info Top Header Stats Display Options

You can also set the severity level of critical alerts displayed for a user role. For details including a description of what constitutes a severe alert, see "Setting Severe Alert Warning Behavior" on page 27.

18 | Configuring AirWave Dell Network ing W-AirWave 8.0 | User Guide

Customizing Columns in Lists

Customize the columns for any list table selecting Choose Columns, as shown in the figure below. Use the up/down arrows to change the order in which the column heads appear.

Figure 3:Choose Columns Drop down List

More information about the universal list elements is available in "Common List Settings" in the Dell Networking WAirWave 8.0 Installation Guide.

You can also control which column heads appear for each user role. Navigate to the Home > User Info page, and then select Yes in the Customize Columns for Other Roles field. This exposes the Choose Columns for Roles drop down menu in all tables shown in Figure 4.

The first column shows the user roles that were customized, if any. The second column allows you to establish left-toright columns and order them using the arrows.

Dell Network ing W-AirWave 8.0 | User Guide Configuring AirWave | 19

Figure 4:Table with Choose Columns for Roles Menu Selected

Resetting Pagination Records

To control the number of records in any individual list, select the link with Records Per Page mouseover text at the top left of the table, as shown in Figure 5. AirWave remembers each list’s pagination preferences.

Figure 5:Records Per Page Drop Down Menu

To reset all Records Per Page preferences, click the Reset reset button in the Display Preferences section of the Home > User Info page, as shown in Figure 6.

Figure 6:Home > User Info > Display Preferences section

20 | Configuring AirWave Dell Network ing W-AirWave 8.0 | User Guide

Using the Pagination Widget

The pagination widget is located at the top and bottom of every list table, as shown in Figure 7.

Figure 7:Pagination Widget

Use the down arrow next to Page 1 to see all the page numbers for that table in a drop down menu. From here, you can jump to any portion of the table. Select the > symbol to jump to the next page, and >| to jump to the last page.

Using Export CSV for Lists and Reports

Some tables have a Export CSV setting you can use export the data as a spreadsheet. See Figure 8 for an example of a list with the Export CSV option selected.

Figure 8:List with CSV Export Selected

AirWave also enables CSV exporting of all report types. For more information, see "Exporting Reports to XML, CSV, or

PDF" on page 320.

Defining Graph Display Preferences

Many of the graphs in AirWave are Highcharts, which allow you to adjust the graph settings attributes as shown in

Figure 9.

Dell Network ing W-AirWave 8.0 | User Guide Configuring AirWave | 21

Figure 9:Interactive Graphs on the Home > Overview Page

Highcharts are built with JavaScript, so the graphs can run directly through your browser without the need for additional client-side plugins. This makes it possible to view your AirWave charts on a mobile device.

These charts can be used and customized as follows.

l A Time Range selector in the upper right portion of the charts (including pop-up charts) allows you to select a

common or a custom date range for your data. The preconfigured ranges for AirWave charts are current 2 hours, 1 day, 1 week, and 1 year.

l Drop-down menus are available for viewing client and usage for specific SSIDs and/or all SSIDs. A search field is

available to help you quickly find a specific WLAN.

You can select up to six options from each drop-down menu. Once selected, each option will appear in the colorcoded legend below the chart. Clicking on an option in this legend will disable or enable that information in the graph. Note that even if an option is disabled from viewing in the graph, that option will still remain in the legend until you deselect it from the drop-down menu.

l Max and Avg options allow you to change the chart view to show the maximum or average client and usage

information.

l Plot points display within the chart at varying intervals, depending on the selected time range. Tooltips and a plot

line appear as you hover over each plot point, showing you the detailed information for that specific time.

l Click on any chart to view a pop-up version. In this version, you can easily zoom in on a range of data by using your

mouse to drag a rectangle in the chart. While you are zoomed in, a Reset zoom button appears, enabling you to return to the original view. The pop-up charts also include a legend that displays the Last, Min, Max, and Avg values for the selected graph.

l Some charts include a drop-down option next to the graph title. For example, on the APs/Devices > Monitor page

for Radio Statistics, you can select the drop-down beside the graph title to view a graph for Client, Usage, Radio Channel, Radio Noise, Radio Power, Radio Errors, and 802.11 Counters information. In prior versions of AirWave, these graphs appeared as separate tabs.

Customizing the Dashboard

You can rearrange or remove widgets appearing on the Home > Overview dashboard by selecting the Customize link to the right of this window, as shown in Figure 10.

Figure 10:Customize Button on the Home > Overview Page

22 | Configuring AirWave Dell Network ing W-AirWave 8.0 | User Guide

The Customize workspace that appears is shown in Figure 11.

Figure 11:Customize Overview Page

Adding Widgets

The Home > Overview page displays the currently selected widgets (charts/graphs). You can change the widgets on this page by selecting the Customize link in the upper-right corner.

The Available Widgets section on the left holds all available graphical elements (widgets). Select any blue widget tile with a verbal description enclosed, and it immediately turns into a graphical element with a description.

Drag the widgets you want to appear on the Home > Overview dashboard across to the gridlines and arrange them in the right section, within the gridlines. A widget snaps back to the nearest available gridline if you drop it across two or more lines and turns red if you attempt to place it over gridlines already occupied by widgets. Widgets with a green top banner are properly placed and set to appear when you select Save. Widgets that remain in the left section will not appear; although they can be reinstated by selecting Restore Defaults.

Available Widgets

Table 2 describes the list of available widgets along with a description for each. Note that when a widget is enabled, the

information that displays can vary based on the user’s permission level. Certain roles, for example, limit the top folder that a user can view.

Dell Network ing W-AirWave 8.0 | User Guide Configuring AirWave | 23

Table 2:

Available Widgets

Widget Description

The Client graph is enabled by default and, by default, shows the maximum number of attached clients over the last two hours. Select the Show All link to view more specific client information on the graph, such as the total and average clients for a specific SSID, the maximum VPN sessions, etc. The available check boxes within this graph are determined by the SSIDs that AirWave is aware of from polling the device.

Client/Usage Graphs

Monitoring and Config Pie

The Usage graph is enabled by default and, by default, shows the average bits-per-second in/out information and average VPN in/out information. Select the Show All link to view usage information for specific SSIDs. The available checkboxes within this graph are determined by by the SSIDs that AirWave is aware of from polling the device.

The information in these graphs is color coded to match the selected check boxes.

The Monitoring Status pie shows the percentage of total devices that are up and the number and percentage of devices that are currently down. Clicking within this pie chart takes you to the APs/ Devices > Down page.

The Configuration Compliance pie shows the percentage of devices that are mismatched, good, unknown, and those with auditing disabled. It also provides a summary of the total number of devices that are mismatched. Clicking within this pie chart takes you to the APs/Devices > Mismatch page.

These pie charts are enabled by default.

Alert Summary

Quick Links

RAPIDS: Acknowledged

RAPIDS: Classification Pie

The Alert Summary table is enabeld by default and provides the number of AirWave alerts, IDS events, and RADIUS authentication issues over the last 2 hours, the last 24 hours, and the total since the last AirWavereboot.

l Click on AirWave Alerts to drill down to more detailed alert information.

This information displays in the current page. You can return to the Alert Summary graph by selecting the Home Overview link.

l Click on IDS Events to drill to more detailed event information. This link

takes you to the RAPIDS > IDS Events page.

l Click on RADIUS Authentication Issues to drill to more detailed RADIUS

authentication information. This information displays in the current page. You can return to the Alert Summary graph by selecting the Home Overview link.

The Quick Links section is enabled by default. This section provides the user with easy navigation to a specific folder, group, report, or common task.

The Acknowledged RAPIDS Devices pie chart shows the percentage of acknowledged and unacknowledged RAPIDS that the user has visibility into. The RAPIDS information appears from the moment a rogue is discovered until it is deleted. Ignored rogues, however, are not included in this chart.

This chart also displays on the RAPI DS > Overview page.

The RAPIDS: Classification Pie shows the percentage of devices classified as Valid, Suspected Neighbor, Suspected Valid, Suspected Rogue, Rogue, and Neighbor that are attached to AirWave. The RAPIDS information appears from the moment a rogue is discovered until it is deleted. Ignored rogues, however, are not included in this chart.

This pie chart can also be viewed on the RAPIDS > Overview page.

24 | Configuring AirWave Dell Network ing W-AirWave 8.0 | User Guide

Table 2:

Available Widgets (Continued)

Widget Description

The RAPIDS: Classification Summary table shows the number of devices classified as Valid, Suspected Valid, Neighbor, Suspected Neighbor, Suspected Rogue, Rogue, and Unclassified that are attached to AirWave. In

RAPIDS: Classification Summary

IDS Events

RAPIDS: OS Pie

RAPIDS: OS Summary

addition, contained rogue information will appear if Manage rogue AP containment is set to Yes on the RAPIDS > Setup page.

The RAPIDS information appears from the moment a rogue is discovered until it is deleted. Note that ignored rogues are not included in this chart.

This table can also be viewed on the RAPIDS > Overview page.

The IDS Event s table shows the number and type of attacks logged by the intrusion detection system over the last 2 hours, the last 24 hours, and the total since the last AirWave reboot. This is the same table that displays on the RAPIDS > Overview page.

The RAPIDS: OS Pie chart shows the top 9 rogue devices by OS, Others, Unknown, and Not Scanned. The RAPIDS information appears from the moment a rogue is discovered until it is deleted. Note that ignored rogues are not included in this chart.

This pie chart can also be viewed on the RAPIDS > Overview page.

The RAPIDS: OS Summary table shows the top 9 rogue devices by OS, Others, Unknown, and Not Scanned. The RAPIDS information appears from the moment a rogue is discovered until it is deleted. Note that ignored rogues are not included in this chart.

This table can also be viewed on the RAPIDS > Overview page.

Top Folders By AP Usage

Top Folders By A Radio Channel Usage

Top Folders By BG Radio Channel Usage

This chart lists the folders and the number of APs in each folder whose usage is greater than the cutoff (or usage threshold). The cutoff represents 75% of the maximum usage, where the maximum usage is the AP with the highest usage regardless of the folder in which it resides. The cutoff value is displayed within the title, and this value can vary. The chart takes into account approved APs with radios based on the last 24 hours. In addition, this chart is updated every hour.

This chart shows the folders and the number of A radios (5GHz) in each folder whose channel usage is greater than the cutoff (or usage threshold) as measured by Mbps. This cutoff is on the on the AMP Set up > General page using the Configure Channel Busy Threshold option. If this option is not configured, then the cutoff is 75% of the ‘maximum,’ where the ‘maximum’ refers to the AP that has the highest usage regardless of the folder in which it resides. The cutoff value is displayed within the title, and this value can vary. This chart takes into account approved APs with ‘A’ radios based on the last 24 hours. In addition, this chart is updated every hour.

This chart shows the folders and the number of BG radios (2.4GHz) in each folder whose channel usage is greater than the cutoff (or usage threshold) as measured by Mbps. This cutoff is on the on the AMP Set up > General page using the Configure Channel Busy Threshold option. If this option is not configured, then the cutoff is 75% of the ‘maximum,’ where the ‘maximum’ refers to the AP that has the highest usage regardless of the folder in which it resides. The cutoff value is displayed within the title, and this value can vary. This chart takes into account approved APs with ‘BG’ radios based on the last 24 hours. In addition, this chart is updated every hour.

Dell Network ing W-AirWave 8.0 | User Guide Configuring AirWave | 25

Table 2:

Available Widgets (Continued)

Widget Description

This chart shows the folders and the number of A radios (5GHz) in each

folder whose client count is greater than the cutoff. The cutoff represents 75% Top Folders By A Radio Client Count

Top Folders By BG Radio Client Count

Top Clients By Total Traffic

of the ‘maximum,’ where the ‘maximum’ is the radio that has the highest client

count regardless of the folder. The cutoff value is displayed within the title

and can vary. This chart takes into account approved APs with A radios

based on the last 24 hours. In addition, this chart is updated every hour.

This chart shows the folders and the number of BG radios (2.4GHz) in each

folder whose client count is greater than the cutoff. The cutoff represents 75%

of the ‘maximum,’ where the ‘maximum’ is the radio that has the highest client

count regardless of the folder. The cutoff value is displayed within the title

and can vary. This chart takes into account approved APs with BG radios

based on the last 24 hours. In addition, this chart is updated every hour.

The widget looks at currently connected clients as well has client historical

information over the past 24 hours and then displays the top 10 clients with

the must usage. You can click on a MAC address to view more information

about any of the clients that display on this table. This table is updated every

hour.

Clients By AOS Device Type

Clients By Device Type

Clients By Device Mfgr

Clients By Device Model

Clients By Mfgr & Model

Clients By Device OS

Clients By Device OS Detail

Clients By Network Vendor