NETSCOUT Systems AM5012-001 802.11a/b/g Wireless Sensor User Manual AirMagnet AM 5012 abg User Guide rev1

Fluke Networks/AirMagnet 802.11a/b/g Wireless Sensor AirMagnet AM 5012 abg User Guide rev1

UserManual.wiki >

NETSCOUT Systems >

AM5012 001 User Manual

Users Manual

© 2004 AirMagnet®, Inc. All rights reserved. 1 AirMagnet AM-5012-11AG User Guide

© 2004 AirMagnet®, Inc. All rights reserved. 2 Table of Contents Definitions and Terminology ...........................................................................................................3 References ........................................................................................................................................5 Introduction......................................................................................................................................6 Expert Analysis Functions Enabled by Sensor ................................................................................8 Enforce Security Policy ...........................................................................................................8 Detect Wireless Intruders and Attacks .....................................................................................8 Lock In Network Performance.................................................................................................9 Ensure Network Reliability......................................................................................................9 Centralizing System Management ...........................................................................................9 Enable Flexible Configuration and User Access......................................................................9 Enable Graphics User Interface from Anywhere in the Network ............................................9 Enable Remote Troubleshooting and Active Tools ................................................................10 Low Overhead On Operational Network...............................................................................10 AirMagnet Sensor Operation Modes .............................................................................................11 Configuration Mode...................................................................................................................11 Analysis Mode ...........................................................................................................................11 Active Control Mode .................................................................................................................12 Hardware Specifications ................................................................................................................13 Mechanical.................................................................................................................................13 Environmental............................................................................................................................13 Power .........................................................................................................................................13 RF...............................................................................................................................................14 Effective Data Rates ...................................................................................................................15 Physical Interfaces .....................................................................................................................15 Internal.......................................................................................................................................15 Compliance................................................................................................................................15 Sensor Powering Options...............................................................................................................16 AC Power...................................................................................................................................16

© 2004 AirMagnet®, Inc. All rights reserved. 3 Definitions and Terminology 802.3 802.11 a 802.11 b 802.11 g 802.11 e 802.1x ACK Acknowledgement frame AGC Automatic Gain Control AID Association Identifier BCC Binary Convolutional Code BPSK Binary Phase Shift Keying CF-End Contention-Free End CFP Contention-Free Period CF-Poll Contention-Free Poll CTS Clear to Send DA Destination Address dB Decibels DBPSK Differential Binary Phase Shift Keying DCF Distributed Coordination Function DIFS Distributed Interframe Space DPSK Differential Phase Shift Keying DQPSK Differential Quadrature Phase Shift Keying DS Distribution System DSSS Direct Sequence Spread Spectrum EIFS Extended Interframe Space ESS Extended Service Set ETSI European Telecommunications Standards Institute FCC Federal Communications Commission FCS Frame Check Sequence FFT Fast Fourier Transform GFSK Gaussian Frequency Shift Key GPS Global Positioning System HR/DSSS High Rate Direct Sequence Spread Spectrum I/Q Interphase/Quadrature IAPP Inter-Access Point Protocol ICI Interchip Interference ICV Integrity Check Value IEEE Institute of Electrical and Electronics Engineers IPSEC VPN IR Infrared ISI Intersymbol interference ISM Industrial, Scientific, and Medical LBT Listen Before Talk

© 2004 AirMagnet®, Inc. All rights reserved. 4 L2TP VPN Layer 2 Tunneling Protocol VPN LEAP LLC Logical Link Control MIB Management Information Base MIC Message Integrity Check MKK Ministry of Telecommunications MMACS Multimedia Mobile Access Communication System MPDU MAC Protocol Data Unit MSDU MAC Service Data Unit NAV Network Allocation Vector OFDM Orthogonal Frequency Domain Multiplexing PBCC Packet Binary Convolutional Coding PC Point Coordinator PCF Point Coordination Function PEAP PHY Physical Layer PIFS Priority Interframe Space PLCP Physical Layer Convergence Procedure PMD Physical Medium Dependent PPDU PLCP Protocol Data Unit PFSF PLCP Signaling Field PPTP VPN Point to Multiple Point Virtual Private Network PS Poll Power Save Poll QAM Quadrature Amplitude Modulation QPSK Quadrature Phase Shift Keying RA Receiver Address RF Radio Frequency RFID Radio Frequency ID RSADSI RSA Data Security, Inc. RTS Request to Send SA Source Address SFD Start of Frame Delimiter SIFS Short Interframe Space SNR Signal to Noise Ratio SSH VPN SSID Service Set Identity STA Station TA Transmitter Address TBT Target Beacon Transmission Time TIM Traffic Indication Map TKIP TLS TSF Timer Synchronization Factor TTLS TU Time Units WEP WLAN Wireless LAN WPA

© 2004 AirMagnet®, Inc. All rights reserved. 5 References Visit http://www.airmagnet.com for the following referenced documents: Reference 1 AirMagnet Enterprise Datasheet Reference 2 AirMagnet Enterprise FAQ Reference 3 AirMagnet Guided Tour Reference 4 AirMagnet Impact Study

© 2004 AirMagnet®, Inc. All rights reserved. 6 Introduction The AirMagnet AM-5012-11AG Sensor provides 24x7 remote monitoring and troubleshooting of 802.11 wireless networks. Sensors are deployed near clusters of access points, and provide security assessment, performance monitoring, network fault detection and remote troubleshooting functions. Management staff can easily monitor the security measures in use on every station and access point device to insure compliance with established policies, and also automatically scan for dozens of wireless network attacks. These analysis functions can be monitored and controlled from both centralized and distributed operations centers. These centers can be located in the building, on the campus, or anywhere in the world without requiring high travel costs or excessive delay of sending IT expert staff to remote locations. Figure 1 shows a complete network including the AM-5012-11AG AirMagnet Sensor. Companion software functions available for the complete AirMagnet Enterprise system include the following: AirMagnet Enterprise Server – provides the dynamic operations control function to the entire network of bound sensors including sensor activation/deactivation, upgrade of sensor software, and collection of alerts, data, and statistics for all stations and access points within wireless segments monitored by the sensors. Figure 1: WLAN network including AM-5012-11AG AirMagnet Sensors

© 2004 AirMagnet®, Inc. All rights reserved. 7 AirMagnet Enterprise Console – provides the graphical user interface into the server from any location in the enterprise wide network. AirMagnet Enterprise Remote User Interface – provides the graphical user interface into any individual sensor from any location in the enterprise wide network. Enterprise Reporter – manages and administers a SQL database of all collected alarms, monitored traffic, and RF signal/noise information. Also provides a broad set of detailed reports and trend summaries of key data. Using Reporter the administrator is able to conduct both short-term and long-term trend analysis and also conduct forward looking capacity planning and topology reconfiguration planning for the entire wireless network.

© 2004 AirMagnet®, Inc. All rights reserved. 8 Expert Analysis Functions Enabled by Sensor The intelligent sensor provides around-the-clock coverage of the entire wireless environment including all 802.11a, 802.11b, and 802.11g channels and infrastructure. Each individual sensor is armed with the patent-pending AirWISE Analytical Engine that, in real time, monitors and analyzes the security, performance, and reliability of the wireless network. The sensor enables the following categories of expert analysis functions. See ANNEX B for a detailed and full listing of expert analysis functions. Enforce Security Policy New security protocols are continually appearing that close the security gap between WLANs and their wired counterparts. Nevertheless ensuring that all users and stations comply with these security measures continues to grow as the major issue for wireless networks. AirMagnet Sensors address this gap by auditing and validating the security of every Wi-Fi device in the network, providing managers with an easy process to insure all users employ the appropriate level of security. Supported protocols include: • wep • leap • peap • tkip • mic • 802.1x • ttls • tls • wpa • pptp vpn • l2tp vpn • ssh vpn • ipsec vpn Detect Wireless Intruders and Attacks As Wi-Fi has grown, so have the number and sophistication of wireless attacks. AirMagnet Sensors are engineered specifically to counter these threats - scanning the environment for Rogue APs and War-Drivers, Spoofed MAC Addresses, and a host of Denial of Service Attacks unique to Wi-Fi. Sensors send encrypted real-time alarms in response to an attack, allowing staff to respond before network operations is negatively impacted.

© 2004 AirMagnet®, Inc. All rights reserved. 9 Lock In Network Performance Radio Frequency transmissions are inherently susceptible to environmental factors such as physical obstructions and radio interference from a variety of sources. If not identified and managed, these factors can lead to unacceptable performance for the end-user. To address this challenge, AirMagnet Sensors constantly monitor and generate alarms on over 20 key indicators of network health, allowing IT administrators to take a proactive approach toward the maintenance of the network. Ensure Network Reliability WLANs must both have predictable performance and be highly reliable before being considered industrial grade. The AirMagnet Enterprise System addresses this need with a suite of alarms and diagnostics that detect network faults and configuration errors that can lead to outages in the network. These diagnostics are complemented by active utilities to pin down the sources of connectivity problems in the network. Centralizing System Management The AirMagnet Management Server receives information from every AirMagnet Sensor and provides a centralized SQL database of all network data and alarms. SNMP traps allow for seamless integration with leading management consoles such as HP Open View and CA UniCenter. All sensor-to-server traffic is secured via SSL and TLS insuring management information remains secure while transiting corporate firewalls and VPNs. Enable Flexible Configuration and User Access The Management Server maintains configurations for every Sensor in the System, allowing IT Personnel to tune sensor thresholds appropriately for each location. Additionally, AirMagnet Enterprise supports three unique administrative user levels, insuring that the users access only the level of information appropriate for their role and level of responsibility. Enable Graphics User Interface from Anywhere in the Network The AirMagnet Management Console provides the User Interface to the AirMagnet Enterprise System. From the Management Console, Users can view alarms and WLAN health by Campus, Building, Floor, or by individual Sensor. Consoles can be run securely whether in a NOC, or remotely on a laptop – keeping administrators connected to the information they need, regardless of their location.

© 2004 AirMagnet®, Inc. All rights reserved. 10 Enable Remote Troubleshooting and Active Tools Using the Remote UI built into the AirMagnet Management Console, Users can leverage a growing collection of active troubleshooting tools to pinpoint problems in the network. These tools allow the User to remotely test throughput on a particular AP, diagnose connection problems, and perform Layer 3dDebugging and end-to-end provisioning. Administrators can view low level data on every channel and device in the area, alarms, real-time local statistics, and even packet decodes. Such remote capability greatly reduces the need to dispatch resources when troubleshooting the WLAN. Low Overhead On Operational Network Most remote monitoring systems simply capture wireless packets and resend them to a remote site for processing, needlessly consuming valuable bandwidth. AirMagnet Sensors, conversely process locally, sending real-time alarms only when thresholds are reached. Trending data is saved on the sensor, and securely sent at regular intervals to the Management Server, minimizing operational load on the network and servers.

© 2004 AirMagnet®, Inc. All rights reserved. 11 AirMagnet Sensor Operation Modes The Sensor has three operational modes, configuration mode, analysis mode, and active control mode. Configuration Mode The Airmagnet Sensor can be configured both with a serial command line interface (CLI) and secure HTTPS communications with a remote browser. Key parameters that need to be configured prior to placing the sensor online include provisioning of the unit’s network addressing, the server’s network addressing, and the secret key needed for connection to the server and for administrator logon-override functions. Once the unit is configured it is placed on the live network and powered up. The sensor can be powered either by an AC-to-DC power brick or Power-over-Ethernet using an AirMagnet in-line power injector. After configuration the unit boots up, connects to the server, and receives any additional configuration parameters. If the administrator has upgraded the sensor software on the server to a new release, the sensor automatically downloads the software into memory and then writes it to flash. Analysis Mode The majority of the time the sensor is in the analysis mode. The unit scans all configured channels, measures signal and noise, gathers statistics on management and data traffic, analyzes security mis-configurations and performance problems, and searches for issues such as rogue access points and denial of service attacks. All of the analyzed data is recorded in memory and is reported back to the management server periodically. The reporting period for accumulated data is configurable. Whenever an event occurs that generates an alert, such as a security mis-configuration, the alert is sent immediately to the server. The administrator can view the consolidated status of the entire network, a subset of the network, or the specific set monitored and analyzed by an individual sensor. The AirMagnet Enterprise Console tool is used to view this information collected on the server. The Analysis mode can be administered from anywhere within the global enterprise network.

© 2004 AirMagnet®, Inc. All rights reserved. 12 Active Control Mode In active mode the sensor can drill down to an individual access point or station, and diagnose connection and provisioning problems. Using the Remote User Interface function within the Console program, the administrator can see a real time display of all scanning and analysis functions performed by the sensor. He can zero in on channels, individual access points, or individual stations. He can plot real time displays of all monitored information such as signal, noise, traffic, and errors. He can also do packet decodes and statistical charting. The Active Control mode can be administered from anywhere within the global enterprise network.

© 2004 AirMagnet®, Inc. All rights reserved. 13 Hardware Specifications The AirMagnet AM-5012-11AG sensor is a robust hardware monitoring analysis device that can be installed on a shelf, on the wall, or in a ceiling. It can be powered by AC power, or by -48V Power over Ethernet. The detailed technical specifications are as follows. Mechanical Enclosure Metallic chassis Dimensions 6.693 in. (17.0 cm) wide; 8.267 in. (21.0 cm) deep Mounting options Flat on shelf Plastic stand for shelf vertical configuration Wall hanging via dual screw holder at back of housing, or Using AirMagnet mounting kit for wall and ceiling Weight 32 oz (909g) LEDs Power status WLAN (5 GHz/2.4 GHz) status 10/100 Base T status Link status Switches Reset switch RF connectors Reverse polarity TNC - female Environmental Temperature 32º to 131ºF (0º to 55ºC) Humidity 5 to 95% humidity (non-condensing) Power Power supply options External power adapter w/ 12VDC/1A

© 2004 AirMagnet®, Inc. All rights reserved. 14 RF Bands 2.4 GHz Band: 802.11b/g 5.25-5.35 GHz Band: 802.11a 5.75 GHz: 802.11a Country Frequency plans All worldwide frequency plans (See ANNEX A for detail) Antenna Omni-directional Dual antenna Receive Sensitivity (Typical @ the antenna ports) 802.11a: -84dBm @ 6Mbps -77dBm @ 18Mbps -70dBm @ 48Mbps -82dBm @ 9Mbps -75dBm @ 24Mbps -68dBm @ 54Mbps -79dBm @ 12Mbps -73dBm @ 36Mbps 802.11b/g: -91dBm @ 1Mbps -84dBm @ 6Mbps -75dBm @ 24Mbp -90dBm @ 2Mbps -82dBm @ 9Mbps -73dBm @ 36Mbps -89dBm @ 5.5Mbps -79dBm @ 12Mbps -70dBm @ 48Mbps -87dBm @ 11Mbps -77dBm @ 18Mbps -68dBm @ 54Mbps Transmit Output Power (Typical @ the antenna ports) 7.980mW for 802.11b 10.069mW for 802.11g 17.140mW for 5.150 ~ 5.350GHz 15.922mW for 5.725 ~ 5.825GHz

© 2004 AirMagnet®, Inc. All rights reserved. 15 Effective Data Rates 802.11a 6, 9, 12, 18, 24, 36, 48, 54 Mbps 802.11g 6, 9, 12, 18, 24, 36, 48 & 54Mbps 802.11b 1, 2, 5.5, 11Mbps Physical Interfaces Network port RJ45 Ethernet 10/100 Base T Serial Port RS232 DB9 115,200 bps; 8 data bits; no parity; 1 stop bit; no flow control Internal Processor IDT RC32438 200Mhz Memory 64 Mbytes RAM 8 Mbytes FLASH Radio Dual radio – 802.11 a & b/g Atheros MAC and PHY Compliance FCC Part 15C CE 0560 EN60950 (equivalent UL ETSI 300/328) IC (Canadian Radio Regulations) Japan Equipment Radio Regulations

© 2004 AirMagnet®, Inc. All rights reserved. 16 Sensor Powering Options AC Power The unit can be powered with AC power. An AC-to-DC power supply converts from AC to 12V DC.

© 2004 AirMagnet®, Inc. All rights reserved. 17 Federal Communication Commission Interference Statement This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications. However, there is no guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one of the following measures: - Reorient or relocate the receiving antenna. - Increase the separation between the equipment and receiver. - Connect the equipment into an outlet on a circuit different from that to which the receiver is connected. - Consult the dealer or an experienced radio/TV technician for help. This device complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions: (1) This device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation. FCC Caution: Any changes or modifications not expressly approved by the party responsible for compliance could void the user's authority to operate this equipment. IMPORTANT NOTE: FCC Radiation Exposure Statement: This equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment. This equipment should be installed and operated with minimum distance 20cm between the radiator & your body. To maintain compliance with FCC RF exposure compliance requirements, please avoid direct contact to the transmitting antenna during transmitting. If this device is going to be operated in 5.15 ~ 5.25GHz frequency range, then it is restricted in indoor environment only. This transmitter must not be co-located or operating in conjunction with any other antenna or transmitter. Airmagnet declares that the AM-5012-11AG (FCC ID: RD7-AM5012-001 ) is limited in CH1~CH11 by specified firmware controlled in the USA Canada (IC): To prevent radio interference to the licensed service, this device is intended to be operated indoors and away from windows to provide maximum shielding. Equipment (or its transmit antenna) that is installed outdoors is subject to licensing. 1.Operation is subject to the following two conditions: 1) this device may not cause interference and 2) this device must accept any interference, including interference that may cause undesired operation of the device. This device has been designed to operate with an antenna having a maximum gain of 6 dBi. Antenna having a higher gain is strictly prohibited per regulations of Industry Canada. Therequired antenna impedance is 50 ohms.