WLAN Management

Configuration Management

An AC controls and manages APs on WLAN. With AC management, you can connect an AP to WLAN in any of the following modes: confirm AP identities, add an AP in offline mode, and add an AP to the whitelist. (Note: This function applies to WLAN V200R006 and earlier versions only.)

• Unauthorized AP

  The Unauthorized AP page displays APs whose MAC addresses or SNs are not in the whitelist. On this page, you can acknowledge unauthorized APs in batches to add them to the whitelist. Then, APs in the whitelist are brought online.

• AP whitelist

  Network administrators can add MAC addresses of APs or AP SNs to an AP whitelist to allow the APs to go online normally.

• AP blacklist

  Network administrators can add MAC addresses of APs to an AP blacklist, preventing unauthorized APs from going online.

• Client blacklist

  Network administrators can add MAC addresses of wireless clients to a blacklist, preventing unauthorized clients from connecting to APs. Network administrators can also blacklist unauthorized clients and set the AP countermeasure mode to client blacklist. The system performs countermeasure against devices from the client blacklist.

Configuration and Deployment

Compared with earlier versions, the configuration mode in WLAN V2R6 changes a lot. In V2R6, configuration is completed based on AP group profiles. eSight provides the WLAN configuration and deployment function to adapt to this change. This function provides profile-based configuration for WLAN devices of V2R6 and later versions.

• You can configure VLAN IF interfaces and IP address pools for ACs and X7-series switches.

• You can configure global parameters for ACs.

• You can configure channels for interface groups.

• The AP group service deployment allows users to configure an AC. In addition, AP group management and profile management are added in the Object Manager of each WLAN device of V200R006 or a later version. You can create, delete, modify AP groups, and manage group members and profiles on ACs.

Network Resource Monitoring

The Region Object Manager provides the following information: physical resources over the entire network or in each region, resource statistics, performance statistics, user statistics, and Wireless Intrusion Detection System (WIDS).

• Physical resources

  AC: AC status, name, type, IP address, AP authentication mode, forwarding type, country code, subnets, total number of APs, number of online APs, and number of online clients

  AP: AP status, name, alias, type, category, SN, MAC address, IP address, countermeasure, radio's working mode, AC name, home region, location, WLAN location, subnets, and number of online clients

  The name, alias, and location of an AP can be modified.

  The inventory of access points can be exported, including the status, name, alias, type, category, SN, MAC address, IP address, countermeasure, radio's working mode, AC name, home region, location, subnet, and number of online users.

  User: include the user name (user login), MAC address, IP address, status, access type, access device (access point), access interface, access VLAN, sending rate, IPv6 address, parent device, signal quality, association start time, transmitted traffic, received traffic, terminal type, terminal operating system, and receiving rate.

  The terminal type and terminal operating system are used to identify the terminal connected to the AC. Data of the terminal type and terminal operating system comes from the Agile Controller. Therefore, the terminal type and terminal operating system can be properly displayed only after eSight is interconnected with the Agile Controller.

  SSID: SSID, AC name, ESS profile name, and Fat AP name

  Region: region name, total number of APs, total number of online APs, and total number of online clients

  Link: link display and link statistics

• Resource statistics

  Network overview: includes online WLAN client statistics, Top N SSID client statistics, and radio resource statistics.

• Performance statistics

  Displays terminals associated with APs, AP physical resources, AP traffic, radio traffic, client traffic, and real-time WIDS attacks.

• Current access client

  Information about current access clients, including the device type, role, operating system, and vendor information. (eSight can display the information only after it is successfully connected to the Agile Controller-Campus.)

• Client access history

  Historical data about client access.

• Security

  eSight monitors and recognizes unauthorized devices, clients, interference sources, and attacks based on user-defined rules, sends remote alarm notifications, and offers protection measures.

  1. Supports the statistics collection, display, and countermeasure of unauthorized devices. Unauthorized clients associated with unauthorized APs can be displayed.

  2. Supports the display, countermeasure, and suppression access protection of unauthorized clients.

  3. Supports the statistics collection and display of non-Wi-Fi interference sources.

  4. Supports the statistics collection, display, and countermeasure of attacks.

  5. Classifies unauthorized APs into rogue, suspected-rogue, adjacent, suspected-adjacent, and interference APs. Supported rules include adjacent or same frequency interference, signal strength, SSID (fuzzy or regular expression), number of detected APs, and attack.

• Object Manager

  Uniformly displays WLAN service data and performance data by AC, AP, radio, and terminal on the Object Manager.

Region Monitor

Region monitor is user-centric and integrates region-based user experience data. You can also define regions, add APs to the regions, and view AP performance in a specified region.

• Divides a region into multiple sub-regions and manage them by groups.
• Displays user experience information and key counters by region.
• Displays key counter Portal pages by region.

• Locates faults based on key counters in each region.

• For a non-bottom-layer region, users can set a GIS map as the subnet background. In addition, users can perform operations such as zooming in or out the map, moving the map, and setting locations on the map.

Fault Diagnosis

1. WLAN client fault diagnosis: Diagnoses network quality for online clients in terms of clients, SSIDs, APs, and ACs. If detecting any exception, the system displays potential problems and gives suggestions for you to rectify the exception. (Note: This function applies to WLAN V200R006 and earlier versions only.)

Integrated Wired and Wireless Management

After LLDP link discovery is enabled, you can view the links between wired PoE switches and wireless APs in the Region Monitor topology, enabling integrated wired and wireless management.

Energy Saving Management

eSight allows you to customize energy saving policies in terms of the AP, radio, and SSID. You can immediately or periodically start energy saving tasks, or disable wireless signal transmission. (Note: This function applies to WLAN devices of V200R006 and earlier versions only. For versions later than V2R6, users can enable energy saving in the VAP profile and configure energy saving on APs or AP group.)

Service Report

The system provides predefined reports including AC Join Statistics Report, AC Traffic Statistics Report, AC User Trend Report, Rogue AP Statistics Report, AP Interface Detail Report, AP Join Detail Report, AP Load Detail Report, AP Status Statistics Report, AP Traffic Detail Report, AP Uptime Report, and Radio Detail Report. If the predefined reports cannot meet the requirements, users can select data sources to customize reports.