Step 1
|
Click the menu icon () and choose .
The Rogue and aWIPS window is displayed. By default, Cisco DNA Center displays the Overview dashboard.
Note
|
If a Cisco AireOS Controller does not meet the minimum software version required, a notification is displayed at the top of
the dashboard. Click Go To Devices in the notification to upgrade to the supported version.
|
|
Step 2
|
In Site menu, click Global.
The Site Selector slide-in pane is displayed.
-
You can enter a site name in the Search Hierarchy search bar or expand Global to choose a site.
Note
|
-
If the site has more than 254 sub sites, the site will be disabled by default.
-
Site hierarchies that do not have floors inside them are not listed in the site selector.
|
|
Step 3
|
From the Actions drop-down list, choose to enable rogue detection on the Cisco Wireless Controller and the Cisco Catalyst 9800 Series Wireless Controller.
The rogue management functionality is enabled by default if it is already enabled while migrating from Cisco DNA Center Release 1.3.3.x to Cisco DNA Center Release 2.2.1.0 or later.
|
Step 4
|
Choose to disable the rogue actions temporarily.
|
Step 5
|
Click Yes in the Warning dialog box that is displayed.
After disabling the rogue management functionality, data from the wireless controller will not be pushed to Cisco DNA Center until the rogue management functionality is enabled.
|
Step 6
|
Choose to view the rogue configuration job status.
|
Step 7
|
Filter the rogue configuration status by All, Failure, Success, or In Progress by clicking the respective tabs.
The Operation column shows Enable if the rogue-detection operation is enabled successfully on the wireless controller.
The Status column shows Success if the configuration changes are successfully pushed to the wireless controller.
|
Step 8
|
Choose to enable aWIPS data collection on Cisco DNA Center.
If you are migrating from Cisco DNA Center Release 1.3.3.x to Cisco DNA Center Release 2.2.1.0 or later, you must enable the aWIPS functionality in Cisco DNA Center Release 2.2.1.0 or later.
|
Step 9
|
Choose to disable aWIPS actions temporarily.
Click Yes in the Warning dialog box that is displayed.
|
Step 10
|
Choose to view the aWIPS subscription status.
|
Step 11
|
Filter the aWIPS configuration status by All, Failure, Success, or In Progress by clicking the respective tabs.
The Operation column shows Enable if the aWIPS-detection operation is enabled successfully on the wireless controller.
The Status column shows Success if the configuration changes are successfully pushed to the wireless controller.
|
Step 12
|
Use the Threats dashlets for the following information:
-
TOTAL ROGUE THREATS: Displays total number of rogue threats.
-
TOTAL AWIPS THREATS: Displays total number of AWIPS threats.
-
TOTAL UNIQUE ROGUE CLIENTS: Displays total number of unique rogue clients.
-
ROGUES CONTAINED: Displays total number of rogue contained.
The Active High Threats and High Threats Over Time graphs below the timeline slider display the threat details accordingly.
|
Step 13
|
The Active High Threats, Top Locations Affected and High Threats Over Time graphs display information about rogue APs detected in the last 3 hours by default. The graph information is based on the
time interval that you choose from the hours drop-down list.
|
Step 14
|
Use High Threats Summary dashlet for following information:
High Threats Summary Dashlet |
Item |
Description |
Active High Threats
|
Displays information about active threat levels in the form of a donut graph. You can filter the active high threats by threat
types, Top 10 or All.
Click on each colored slice of donut graph, that displays detailed information of the threats in the threats table. Hover
your cursor over the graph to see the number of active high threats.
Click All to display threat type and count in a table form.
|
Top Locations Affected
|
Displays top 5 locations affected per selected site for high threats.
|
|
Step 15
|
Use High Threats Over Time dashlet for following information:
High Threats Over Time Dashlet |
Item |
Description |
Threats Over Time
|
Displays detailed information about high threats over time, based on the selected time period.
Click on each threat type available below Total Active High Threat, it displays threat information in graph view.
High threat deviation is measured on a scale of value to value:
-
Green color indicates threat deviation less than 0.
-
Orange color indicates threat deviation from 0 to 9.
-
Red color indicates threat deviation more than or equal to 10.
Hover your cursor over the graph to view the number of high threats that occurred at a particular time.
|
View Threats
|
Click View Threats to view threats table, it displays list of high threats.
|
|
Step 16
|
Use Threats By Location dashlet to view information about threats in map view.
Location Option |
Item |
Description |
Map View
|
Click this toggle button to display locations affected by threats in the map view.
Hover your cursor over desired location in map to view all the threat level and counts.
|
List View
|
Click this toggle button to display information about locations affected by threats in a list view.
|
|
Step 17
|
Use Threat Setting Summary dashlet to view following information:
Threat Setting Summary Dashlet |
Item |
Description |
Allowed AP List
|
Displays information about allowed AP count and configured threat level.
Click View Details to display Allowed List window, for detailed information on Allowed Access Point List.
|
Allowed Vendor List
|
Displays information about total allowed vendors count and configured threat level.
Click View Details to display Allowed List window, for detailed information on Allowed Vendor List.
|
Rogue Rule
|
Displays information about rules, its conditions type, rule profiles associated to it and threat level.
Click View Details to display Rules window, for detailed information on Rogue Rules.
|
|
Step 18
|
(Optional) Use Tips dashlet, that provides direct link to use the workflows such as Create Allowed AP List, Create Allowed Vendor List, Create
Rogue Rule, and so on.
Click View All to view all the available workflows.
|