User's Guide
Table Of Contents
- About This Guide
- Introduction
- AirTight Management Console Configuration
- Configure Language Setting
- Configure Time Zone and Tag for Location
- User Management
- User Authentication
- Wireless Intrusion Prevention System
- Manage WiFi Access
- Configure Device - Server Communication Settings
- Manage Policy Templates
- Manage Authorized WLAN Policy
- View High Availability Status for Server
- View/Upgrade License Details
- Manage Look and Feel of Reports
- Configure NTP
- Configure RF Propagation Settings
- Configure Live RF View Setting
- Configure Location Tracking
- Manage Auto Location Tagging
- Set up and Manage Server Cluster
- Manage Vendor OUIs
- Manage Device Template
- Configure SMTP Settings
- View System Status
- Upgrade Server
- Configure Auto Deletion Settings
- Manage Audit Log Settings
- Configure Integration with Enterprise Security Management Servers
- Manage WLAN Integration
- Manage AirTight Mobile Clients
- AirTight Mobile Settings
- Manage AirTight Mobile Clients
- Add AirTight Mobile Group Manually
- Edit AirTight Mobile Group
- Attach Policy to AirTight Mobile Group
- Overwrite Existing Policy for AirTight Mobile Group
- Detach Policy from AirTight Mobile Group
- View AirTight Mobile Group Policy in HTML Format
- View AirTight Mobile Group Policy in XML Format
- Activate Automatic Client Grouping
- Apply Default Policy to New Groups
- Print List of AirTight Mobile Groups for Location
- Delete AirTight Mobile Group
- Dashboard
- Devices
- AirTight Devices
- Device Properties
- View Visible LANs
- View Visible APs
- View Visible Clients
- View Active APs
- View Active Clients
- View AirTight Device Events
- View Channel Occupancy
- View Interference
- View Mesh Network Links
- Search AirTight Devices
- Sort AirTight Devices
- Change Location
- Print AirTight Device Information for Location
- Reboot Device
- Troubleshoot Device
- Upgrade or Repair Device
- Enable Pagination for AirTight Device Listing and Set Page Size
- Disable Pagination for AirTight Device Listing
- Add Custom Filter
- Edit Custom Filter
- Delete Custom Filter
- Delete Device
- Monitor Clients
- View Client Properties
- View Recently Associated APs/Ad hoc networks
- View Events related to Client
- View Client Retransmission Rate Trend
- View Devices Seeing Client
- View Client Average Data Rate
- View Client Traffic
- Change Client Location
- Quarantine Client
- Disable Auto Quarantine/Exclude Device from Intrusion Prevention Policy
- Add to banned list
- Classify / Declassify as Smart Device
- Change Client Category
- Reset Data Transmitted by Client
- Locate Client
- View Recently Probed SSIDs
- Troubleshoot Client
- Debug Client Connection Problems
- Download Connection Log
- Delete Connection Log History
- Enable Pagination for Client Listing and Set Page Size
- Disable Pagination for Client Listing
- Add Custom Filter
- Edit Custom Filter
- Delete Custom Filter
- Print Client List for Location
- Delete Client
- Spectrogram
- Monitor Access Points (APs)
- View AP Properties
- View Recently Associated Clients
- View AP Utilization
- View AP Associated Clients
- View AP Traffic
- View AP Average Data Rate
- View Devices Seeing AP
- View AP Events
- Change AP Location
- Locate AP
- Quarantine an AP
- Change AP Category
- Disable Auto Quarantine
- Add to banned list
- Sort APs
- Filter AP Details
- Search APs
- Enable Pagination for AP Listing and Set Page Size
- Disable Pagination for AP Listing
- Add Custom Filter
- Edit Custom Filter
- Delete Custom Filter
- Print AP List for Location
- Merge APs
- Split AP
- Troubleshoot AP
- Delete AP
- Monitor Networks
- AirTight Devices
- Manage Locations and Location Layout
- Define Location Tree
- Add Location
- Edit Location
- Move Location
- Delete Location
- Search Locations
- Add Layout
- Edit Layout
- Delete Layout
- Show / Hide Location List
- Show/Hide Devices on Location Layout
- Place Devices/Locations on Location Layout
- Remove Devices/Locations from Location Layout
- View RF Coverage / Heat Maps
- Calibrate RF Views
- Zoom in / Zoom out Layout
- Adjust the Layout Opacity
- Add Note
- Edit Note
- Move Note
- Hide Notes
- Show Notes
- View Mesh Topology
- Hide Mesh Topology
- View and Manage Events
- View Events for Location
- View Deleted Events for Location
- Change Event Location
- Acknowledge Event
- Turn on Vulnerability Status for Event
- Turn off Vulnerability Status for Event
- Mark Event as Read
- Mark Event for Deletion
- Enable Pagination for Event Listing and Set Page Size
- Disable Pagination for Event Listing
- Add Custom Filter
- Edit Custom Filter
- Delete Custom Filter
- Print Event List for Location
- Forensics
- Reports
- Glossary of Icons
AirTight Management Console User Guide
240
AirTight Management Console provides various compliance reports related to wireless security
vulnerabilities, mandated by federal agencies, and other regulatory agencies. You can generate the
following reports using Reports in AirTight Management Console.
• DoD Directive 8100.2 Compliance Report - The sections of this report list the wireless
vulnerabilities detected in your network and the severity of security risk caused by these
vulnerabilities.
• GLBA Wireless Compliance Report - The 'Gramm-Leach Biley Act' (GLBA) of 1999, mandates
that financial institutions protect the security and confidentiality of the personally identifiable
financial information of their customers.
Section 501(Title V, Subtitle A) of the GLBA seeks to control leakage of customer financial data to
unauthorized users. Federal Trade Commission (FTC) safeguards Rule 16 CFR Part 314.4
specifically describes the elements that every financial institution must include in its information
security program. This report assesses the wireless security posture of the organization and
identifies wireless vulnerabilities that may expose your organization to leakage of customer
financial data.
1.
Part 314.4(a): This section requires the institution to designate employee(s) to coordinate its
information security program. This report establishes that employees are designated to present
customer financial data leakage through wireless.
2.
Part 314.4(b): This section requires the institution to identify risks to the confidentiality and
integrity of customer information that could result in its unauthorized disclosure. Periodic
generation and archival of this GLBA report establishes that your organization has the capabilities
to assess the risk of customer financial data leakage through wireless.
3.
Part 314.4(c): This section requires the institution to design information safeguards and
regularly monitor the effectiveness of such safeguards. Periodic generation and archival of this
GLBA report establishes that your organization has safeguards to prevent financial data leakage
through wireless.
• HIPAA wireless compliance report- The Health Insurance Portability and Accountability Act
(HIPAA) of 1996 by the Department of Health and Human Services (DHHS), mandates that
healthcare organizations must safeguard the privacy and security of patient health information
transmitted electronically.
HIPAA Security Rule 45 CFR seeks to control leakage of patient health data to unauthorized
users. This report assesses the wireless security posture of the organization and identifies wireless
vulnerabilities that may expose your organization to leakage of patient health data.
1. Section 164.308(a)(1): This section requires a security management process to be set up for risk
assessment and management. This HIPAA report is the first step in establishing a security
management process to assess and manage the risk of patient health data leakage through
wireless.
2. Section 164.308(a)(6): This section requires formal documentation and response procedures to
be set up to handle wireless security incidents promptly. Periodic generation and archival of this
HIPAA report establishes that your organization has a formal documentation and rapid response
program to handle incidents related to patient health data leakage through wireless.
3. Section 164.312(e)(1): This section requires patient health data transmitted over wireless
networks to be guarded against unauthorized access. Periodic generation and archival of this
HIPAA report establishes that your organization has the capabilities to monitor, detect and
safeguard against patient health data leakage through wireless.
Since wireless environments change dynamically, it is recommended that you conduct a HIPAA
wireless vulnerability assessment at least once every 15 days. Archive the HIPAA Wireless
Compliance reports. Establish an ongoing wireless security program to fix the top vulnerabilities
and to minimize your wireless security exposure.
The sections of this report list the wireless vulnerabilities detected in your network and the severity
of security risk caused by these vulnerabilities.