User's Guide
Table Of Contents
- About This Guide
- Introduction
- AirTight Management Console Configuration
- Configure Language Setting
- Configure Time Zone and Tag for Location
- User Management
- User Authentication
- Wireless Intrusion Prevention System
- Manage WiFi Access
- Configure Device - Server Communication Settings
- Manage Policy Templates
- Manage Authorized WLAN Policy
- View High Availability Status for Server
- View/Upgrade License Details
- Manage Look and Feel of Reports
- Configure NTP
- Configure RF Propagation Settings
- Configure Live RF View Setting
- Configure Location Tracking
- Manage Auto Location Tagging
- Set up and Manage Server Cluster
- Manage Vendor OUIs
- Manage Device Template
- Configure SMTP Settings
- View System Status
- Upgrade Server
- Configure Auto Deletion Settings
- Manage Audit Log Settings
- Configure Integration with Enterprise Security Management Servers
- Manage WLAN Integration
- Manage AirTight Mobile Clients
- AirTight Mobile Settings
- Manage AirTight Mobile Clients
- Add AirTight Mobile Group Manually
- Edit AirTight Mobile Group
- Attach Policy to AirTight Mobile Group
- Overwrite Existing Policy for AirTight Mobile Group
- Detach Policy from AirTight Mobile Group
- View AirTight Mobile Group Policy in HTML Format
- View AirTight Mobile Group Policy in XML Format
- Activate Automatic Client Grouping
- Apply Default Policy to New Groups
- Print List of AirTight Mobile Groups for Location
- Delete AirTight Mobile Group
- Dashboard
- Devices
- AirTight Devices
- Device Properties
- View Visible LANs
- View Visible APs
- View Visible Clients
- View Active APs
- View Active Clients
- View AirTight Device Events
- View Channel Occupancy
- View Interference
- View Mesh Network Links
- Search AirTight Devices
- Sort AirTight Devices
- Change Location
- Print AirTight Device Information for Location
- Reboot Device
- Troubleshoot Device
- Upgrade or Repair Device
- Enable Pagination for AirTight Device Listing and Set Page Size
- Disable Pagination for AirTight Device Listing
- Add Custom Filter
- Edit Custom Filter
- Delete Custom Filter
- Delete Device
- Monitor Clients
- View Client Properties
- View Recently Associated APs/Ad hoc networks
- View Events related to Client
- View Client Retransmission Rate Trend
- View Devices Seeing Client
- View Client Average Data Rate
- View Client Traffic
- Change Client Location
- Quarantine Client
- Disable Auto Quarantine/Exclude Device from Intrusion Prevention Policy
- Add to banned list
- Classify / Declassify as Smart Device
- Change Client Category
- Reset Data Transmitted by Client
- Locate Client
- View Recently Probed SSIDs
- Troubleshoot Client
- Debug Client Connection Problems
- Download Connection Log
- Delete Connection Log History
- Enable Pagination for Client Listing and Set Page Size
- Disable Pagination for Client Listing
- Add Custom Filter
- Edit Custom Filter
- Delete Custom Filter
- Print Client List for Location
- Delete Client
- Spectrogram
- Monitor Access Points (APs)
- View AP Properties
- View Recently Associated Clients
- View AP Utilization
- View AP Associated Clients
- View AP Traffic
- View AP Average Data Rate
- View Devices Seeing AP
- View AP Events
- Change AP Location
- Locate AP
- Quarantine an AP
- Change AP Category
- Disable Auto Quarantine
- Add to banned list
- Sort APs
- Filter AP Details
- Search APs
- Enable Pagination for AP Listing and Set Page Size
- Disable Pagination for AP Listing
- Add Custom Filter
- Edit Custom Filter
- Delete Custom Filter
- Print AP List for Location
- Merge APs
- Split AP
- Troubleshoot AP
- Delete AP
- Monitor Networks
- AirTight Devices
- Manage Locations and Location Layout
- Define Location Tree
- Add Location
- Edit Location
- Move Location
- Delete Location
- Search Locations
- Add Layout
- Edit Layout
- Delete Layout
- Show / Hide Location List
- Show/Hide Devices on Location Layout
- Place Devices/Locations on Location Layout
- Remove Devices/Locations from Location Layout
- View RF Coverage / Heat Maps
- Calibrate RF Views
- Zoom in / Zoom out Layout
- Adjust the Layout Opacity
- Add Note
- Edit Note
- Move Note
- Hide Notes
- Show Notes
- View Mesh Topology
- Hide Mesh Topology
- View and Manage Events
- View Events for Location
- View Deleted Events for Location
- Change Event Location
- Acknowledge Event
- Turn on Vulnerability Status for Event
- Turn off Vulnerability Status for Event
- Mark Event as Read
- Mark Event for Deletion
- Enable Pagination for Event Listing and Set Page Size
- Disable Pagination for Event Listing
- Add Custom Filter
- Edit Custom Filter
- Delete Custom Filter
- Print Event List for Location
- Forensics
- Reports
- Glossary of Icons
AirTight Management Console User Guide
20
2.
Click Restore Defaults.
3.
Click Save to save the changes.
Copy RADIUS Configuration to Another Server
You can copy the RADIUS configuration from one server to another server when both servers are part of
the same server cluster. You can copy RADIUS configuration from child server to child server, parent
server to child server, or child server to parent server. You must be a superuser or an administrator to
copy policies from one server to another.
Note: When a RADIUS configuration is copied to another server, the value of the Locations field in the
replicated policy on the destination server is set to 'root' (location).
To copy RADIUS configuration, do the following.
1.
Go to Configuration>User Accounts>RADIUS Configuration on the parent server.
2.
Click Copy Policy. The Copy Policies dialog box appears.
3.
Select the server from which the RADIUS configuration is to be copied.
4.
Select the server to which the RADIUS configuration is to be copied.
5.
Click OK to copy the RADIUS configuration.
Configure Parameters for Certificate-based authentication
AirTight Management Console supports user authentication using digital certificates. Configure the
settings for user authentication using the Configuration>User Accounts>Certificate Configuration
option.
There are four ways to authenticate users - password only, certificate only, certificate and password and
certificate or password.
Password only: In this option, the user authentication is performed using the password. The user has to
enter the user name and the password at the login prompt. The password may be locally verified by the
system or may be verified using the external LDAP or RADIUS authentication service, as appropriate.
Certificate only: In this option, the user authentication is performed using the client certificate (such as
smart card). The user has to insert a smart card containing the client certificate in a reader attached to the
computer from where the console is accessed and then press the Login button. The system then verifies
the client certificate and obtains user identity (user name) from the certificate. Other attributes for the user
are retrieved either locally or from the external authentication services such as LDAP or RADIUS, as
appropriate. When this authentication option is set, the login screen appears as follows:
Certificate and Password: In this option, both the client certificate and the password are required for the
user authentication. The user has to insert a smart card containing the client certificate in a reader
attached to the computer from where the console is accessed, as well as enter the password at the login
prompt. The system verifies the password locally or using the external LDAP or RADIUS authentication
service, as appropriate. When this authentication option is set, the login screen appears as follows:
Certificate or Password: In this option, the user authentication is permitted either using the password or
using the client certificate. This option is appropriate for organizations which have only partially migrated
to using smart cards for authentication. At login prompt, the user can select certificate authentication by
checking the Use certificate for login box or continue with password authentication by entering login
name and password. When this authentication option is set, the login screen appears as follows: