ArubaOS 8.6.0.0 Help Center

Managing the WMS Database

The WMS process interacts with all the AM (Air Monitor) processes in the network. When WMS receives an event message from an AM, the WMS process saves the event information, along with the BSSID of the AP that generated the event, in the WMS database. Use the following commands in the CLI to manage the WMS database.

The wms export-db command exports the specified file as an ASCII text file into the WMS database.

(host) [mynode] #wms export-db

The wms import-db command imports the specified file into the WMS database:

(host) [mynode] #wms import-db

The wms reinit-db command reinitializes the WMS database. Note that this command does not make an automatic backup of the current database.

(host) [mynode] #wms reinit-db

This section describes the following topics:

Optimizing Classification Behavior

APs can be configured to periodically send WMS a list of monitored devices that are still unclassified. Once the WMS receives this list, it sends a classification message to the AP to classify each unclassified device.

The following procedure describes how to configure IDS General profile parameters:

1. In the Managed Network node hierarchy, navigate to Configuration > System > Profiles.

2. Expand the IDS menu and select IDS General.

3. Expand the Advanced accordion.

4. Configure the parameters as described in Table 1, then click Submit.

5. Click Pending Changes.

6. In the Pending Changes window, select the check box and click Deploy changes.

Table 1: IDS General Profile Parameters

| Parameter | Description |
| --- | --- |
| Unclassified AP Update | Enables or disables classification updates for monitored APs. Enabling this option reduces the delay in classifying devices. Default: Disabled |
| Unclassified STA Update | Enables or disables classification updates for monitored clients. Enabling this option reduces the delay in classifying devices. Default: Disabled |

The following CLI commands configure IDS General Profile parameters:

(host) [md] (config) #ids general-profile

(host) [md] (IDS General Profile "") #unclass-ap-update

(host) [md] (IDS General Profile "") #unclass-device-update-interval

(host) [md] (IDS General Profile "") #unclass-sta-update

Managing the List of Valid Exempt Clients

The network administrator can exempt clients from valid station protection and valid station misassociation detection by adding the MAC addresses of those devices to the valid-exempt list.

Once a client MAC address is added to the valid-exempt list:

If the client exists in the WMS, the classification is set to valid.

If the client does not exist in the WMS, a client entry is created and then the classification is set to valid.

After the classification is done, APs that are seeing the client are notified that the client is added to the valid-exempt list.

A maximum of 200 MAC addresses can be added to a valid-exempt list. The valid-exempt list is not retained after the managed device reboots or a process is restarted.

You can configure clients to be exempted from valid station protection and valid station misassociation using the CLI.

The following CLI commands add or remove MAC addresses from the valid-exempt list:

(host) [md] (config) #wms client valid-exempt insert

(host) [md] (config) #wms client valid-exempt remove

The following CLI command displays a list of configured valid-exempt clients:

(host) [md] #show wms client valid-exempt

The following CLI command displays a list of clients that are viewed by the AP and marked as valid-exempt:

(host) [md] #show ap monitor client-list ap-name <> valid-exempt

The following CLI command displays the number of MAC addresses added to the valid-exempt client list:

(host) [md] #show wms counters

Counters

--------

Name Value

---- -----

DB Reads 288268

DB Writes 350870

Probe Table DB Reads 2477

Probe Table DB Writes 952

AP Table DB Reads 143992

AP Table DB Writes 138867

STA Table DB Reads 40404

STA Table DB Writes 99687

Probe STA Table DB Reads 101352

Probe STA Table DB Writes 117566

Probe Register 2476

Probe State Update 37077

Set RAP Type 42552

Set RAP Type Conf Level 152

Valid Exempt Station Macs 10
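
Because the valid-exempt list is capped at 200 entries and is lost on reboot or process restart, it helps to keep the approved list off the device and compare it with the Valid Exempt Station Macs counter. The following Python code is an added example, not part of the ArubaOS documentation; it assumes the MAC address is passed as the argument after `insert`, and its function names and sample data are constructed for illustration.

```python
import re

MAX_VALID_EXEMPT = 200  # limit stated in this section

def normalize_mac(raw):
    """Return aa:bb:cc:dd:ee:ff, accepting ':', '-' or '.' separators."""
    digits = re.sub(r"[-:.]", "", raw.strip().lower())
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a MAC address: {raw!r}")
    if int(digits[:2], 16) & 1:
        # Group (multicast/broadcast) bit set: cannot be a client station.
        raise ValueError(f"not a unicast address: {raw!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def plan_inserts(approved):
    """Deduplicate the approved list, enforce the cap, build the CLI lines."""
    macs = sorted({normalize_mac(m) for m in approved})
    if len(macs) > MAX_VALID_EXEMPT:
        raise ValueError(f"{len(macs)} entries exceed the {MAX_VALID_EXEMPT} limit")
    # Assumption: the MAC address is the argument after "insert".
    return [f"wms client valid-exempt insert {m}" for m in macs]

def exempt_count(counters_output):
    """Read the valid-exempt counter from `show wms counters` output."""
    m = re.search(r"^\s*Valid Exempt Station Macs\s+(\d+)\s*$",
                  counters_output, re.MULTILINE)
    if m is None:
        raise ValueError("Valid Exempt Station Macs counter not found")
    return int(m.group(1))

def check_drift(approved, counters_output):
    """Compare the device counter with the size of the approved list."""
    expected, actual = len(plan_inserts(approved)), exempt_count(counters_output)
    if actual == expected:
        return "ok"
    if actual == 0:
        return "list lost (reboot or process restart): re-apply inserts"
    if actual > expected:
        return f"{actual - expected} unapproved exemption(s): review the list"
    return f"{expected - actual} approved client(s) missing: re-apply inserts"

# Constructed sample data: an approved list (with one duplicate written in a
# different notation) and an excerpt of the counters output shown above.
APPROVED = ["AA-BB-CC-00-11-22", "aabb.cc00.1122", "02:00:00:00:00:01"]
SAMPLE_COUNTERS = "Probe Register 2476\nValid Exempt Station Macs 10\n"

if __name__ == "__main__":
    print("\n".join(plan_inserts(APPROVED)))
    print(check_drift(APPROVED, SAMPLE_COUNTERS))
```

A counter higher than the approved list is worth reviewing, since every exempt client bypasses valid station protection and misassociation detection.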
