- Preface
- Chapter 1: Cisco NCS Overview
- Chapter 2: Getting Started
- Chapter 3: Configuring Security Solutions
- Chapter 4: Performing Maintenance Operations
- Chapter 5: Monitoring Devices
- Chapter 6: Monitoring Maps
- Chapter 7: Managing NCS User Accounts
- Chapter 8: Configuring Mobility Groups
- Chapter 9: Configuring Devices
- Chapter 10: Managing Clients
- Chapter 11: Using Templates
- Chapter 12: Configuring FlexConnect
- Chapter 13: Alarm and Event Dictionary
- Chapter 14: Reports
- Chapter 15: Performing Administrative Tasks
- Chapter 16: NCS Services
- Chapter 17: Tools
- Chapter 18: wIPS Policy Alarm Encyclopedia
- Appendix A: Troubleshooting and Best Practices
- Appendix B: NCS and End-User Licenses
- Appendix C: Cisco NCS Server Hardening
- Appendix D: Certificate Signing Request (CSR) Generation for a Third-Party Certificate on a Cisco Prime Network Control System (NCS)
- Index
- NCS Delivery Modes
- Reinstalling the NCS on a Physical Appliance
- Deploying the NCS Virtual Appliance
- Setting Up the NCS
- Starting the NCS Server
- Logging into the NCS User Interface
- Applying the NCS Software License
- Understanding the NCS Home Page
- Quick Search
- Advanced Search
- Searching Alarms
- Searching Access Points
- Searching Controller Licenses
- Searching Controllers
- Searching Switches
- Searching Clients
- Searching Chokepoints
- Searching Events
- Searching Interferers
- Searching AP-Detected Interferers
- Searching Wi-Fi TDOA Receivers
- Searching Maps
- Searching Rogue Clients
- Searching Shunned Clients
- Searching Tags
- Saved Searches
- Configuring the Search Results Display (Edit View)
Getting Started
This chapter describes information on system requirements, setting up and starting the Cisco NCS. The NCS is an application used to configure, manage, and monitor the wired and wireless networks. This chapter contains the following sections:
•Reinstalling the NCS on a Physical Appliance, page 2-5
•Deploying the NCS Virtual Appliance, page 2-5
•Starting the NCS Server, page 2-10
•Logging into the NCS User Interface, page 2-11
•Applying the NCS Software License, page 2-12
• Understanding the NCS Home Page, page 2-13
•Using the Search Feature, page 2-33
NCS Delivery Modes
The NCS comes preinstalled on a physical appliance with various performance characteristics. The NCS software runs on either a dedicated NCS appliance or on a VMware server. The NCS software image does not support the installation of any other packages or applications on this dedicated platform. The inherent scalability of the NCS allows you to add appliances to a deployment and increase performance and resiliency.
The NCS is delivered in two modes, the physical appliance and the virtual appliance. This section contains the following topics:
•Operating Systems Requirements, page 2-3
•Client Requirements, page 2-4
Physical Appliance
The physical appliance is a dual Intel 2.40 GHz Xeon E5620 quad core processor, with 16 GB RAM, and four hard drives running in a RAID level 5 configuration. The physical appliance runs the latest 64-bit Red Hat Linux Operating System.
The physical appliance supports up to 15000 Cisco Aironet lightweight access points, 5000 standalone access points, 5000 switches and 1200 Cisco wireless LAN controllers.
Note To receive the expected results with the NCS, you need a high performance physical appliance with built-in redundancy for hard disks, power supplies and internal cooling fans.
For more information on the physical appliance, see the Cisco Prime Network Control System Getting Started Guide, Release 1.0.
Virtual Appliance
The NCS is also offered as a virtual appliance to help support lower level deployments. The NCS can be run on a workstation or a server and access points can be distributed unevenly across controllers.
The NCS virtual appliance software is distributed as an Open Virtualization Archive (OVA) file. There are three recommended levels of the NCS distribution with different resources and numbers of devices supported.
This section contains the following topics:
•Virtual Appliance for Large Deployment, page 2-2
•Virtual Appliance for Medium Deployment, page 2-3
•Virtual Appliance for Small Deployment, page 2-3
Note You can deploy the OVA file directly from the vSphere Client; you do not need to extract the archive before performing the deployment.
You can install the NCS virtual appliance using any of the methods for deploying an OVF supported by the VMware environment. Before starting, make sure that the NCS virtual appliance distribution archive is in a location that is accessible to the computer on which you are running the vSphere Client.
Note For more information about setting up your VMware environment, see the VMware vSphere 4.0 documentation.
Virtual Appliance for Large Deployment
•Supports up to 15000 Cisco Aironet lightweight access points, 5000 standalone access points, 5000 switches, and 1200 Cisco wireless LAN controllers.
•8 Processors at 2.93 GHz or better.
•16-GB RAM.
•400 GB minimum free disk space is required on your hard drive.
Note The free disk space listed is a minimum requirement but might be different for your system depending on the number of backups performed.
Virtual Appliance for Medium Deployment
•Supports up to 7500 Cisco Aironet lightweight access points, 2500 standalone access points, 2500 switches, and 600 Cisco wireless LAN controllers.
•4 Processors at 2.93 GHz or better.
•12-GB RAM.
•300 GB minimum free disk space is required on your hard drive.
Virtual Appliance for Small Deployment
•Supports up to 3000 Cisco Aironet lightweight access points, 1000 standalone access points, 1000 switches, and 240 Cisco wireless LAN controllers.
•2 Processors at 2.93 GHz or better.
•8-GB RAM.
•200 GB minimum free disk space is required on your hard drive.
Note For all server levels, AMD processors equivalent to the listed Intel processors are also supported.
Note The free disk space listed is a minimum requirement, but several variables (such as backups) impact the disk space.
Note If you want to use a Cisco UCS Server to deploy a virtual appliance for the NCS, you can use the UCS C-Series or B-Series. Make sure the server you pick matches to the Processor, RAM, and Hard Disk requirements specified in the "Virtual Appliance" section on page 2-2 deployment.
Operating Systems Requirements
The following operating systems are supported:
•Red Hat Linux Enterprise server 5.4 64-bit operating system installations are supported.
Note You cannot install the NCS on a standalone operating system like Red Hat Linux, as the NCS is shipped as a physical or virtual appliance that comes preinstalled with a secure and hardened operating system.
•Red Hat Linux version support on VMware ESX version 3.0.1 and later with either local storage or SAN over fiber channel.
•The recommended deployments for a virtual appliance are UCS and ESX/ESXi.
Note Individual operating systems running the NCS in VMware must follow the specifications for the size of the NCS that you intend to use.
Client Requirements
The NCS user interface requires Mozilla Firefox 3.6 or later or Internet Explorer 8 with the Chrome plugin releases or Google Chrome 12.0.742.x.
Note We strongly advise that you do not enable third-party browser extensions. In Internet Explorer, you can disable third-party browser extensions by choosing Tools > Internet Options and unselecting the Enable third-party browser extensions check box on the Advanced tab.
The client running the browser must have a minimum of 1 GB of RAM and a 2-GHz processor. The client device should not be running any CPU or memory-intensive applications.
Note We recommend a minimum screen resolution of 1024 x 768 pixels.
Prerequisites
Before installing the NCS, ensure that you have completed the following:
•Meet the necessary hardware and software requirements for the NCS.
•Check the compatibility matrix for the supported controller, Cisco IOS software releases.
•Update your system with the necessary critical updates and service packs.
Note See the latest release notes for information on the service packs and patches required for correct operation of the NCS.
•To receive the expected results, you should run no more than 3 concurrent NCS setups for standard server use (4 GB memory and 3 GHz CPU speed) and no more than 5 concurrent NCS setups for high-end server use (8 GB memory and 3 GHz CPU speed).
•Verify that the following ports are open during installation and startup:
–HTTP: configurable during install (80 by default)
–HTTPS: configurable during install (443 by default)
–1315
–1299
–6789
–8009
–8456
–8005
–69
–21
–162
–8457
–1522
Note Make sure your firewall rules are not restrictive. You can check the current rules on Linux with the built-in iptables -L command.
Reinstalling the NCS on a Physical Appliance
You must have root privileges to install the NCS on a physical appliance.
To reinstall the NCS on a physical appliance, follow these steps:
Step 1 Insert the provided NCS software Image DVD. The system boots up and the following console appears:
ISOLINUX 3.11 2005-09-02 Copyright (C) 1994-2005 H. Peter Anvin
Welcome to Cisco Prime Network Control System
To boot from hard disk, press <Enter>.
Available boot options:
[1] Network Control System Installation (Keyboard/Monitor)
[2] Network Control System Installation (Serial Console)
[3] Recover administrator password. (Keyboard/Monitor)
[4] Recover administrator password. (Serial Console)
<Enter> Boot existing OS from Hard Disk.
Enter boot option and press <return>.
boot:
Step 2 Select option 1 to reinstall the NCS software image. The system reboots and the configure appliance screen appears.
Step 3 Enter the initial setup parameters and the system reboots again. Remove the DVD and follow the steps to start the NCS server.
Deploying the NCS Virtual Appliance
This section describes how to deploy the NCS virtual appliance from the vSphere Client using the Deploy OVF Wizard or from the command line. (VMware vSphere Client is a Windows application for managing and configuring the vCenter Server.) This section contains the following topics:
•Deploying the NCS Virtual Appliance from the VMware vSphere Client, page 2-6
•Deploying the NCS Virtual Appliance using the Command Line Client, page 2-9
Deploying the NCS Virtual Appliance from the VMware vSphere Client
NCS Virtual Image is packaged as an OVF file. An OVF is a collection of items in a single archive. In the vSphere Client, you can use the Deploy OVF Wizard to create a virtual machine, running the NCS virtual appliance application, as described in this section.
Note While the following procedure provides a general guideline for how to deploy the NCS virtual appliance, the exact steps that you need to perform might vary depending on the characteristics of your VMware environment and setup.
To deploy the NCS virtual appliance, follow these steps:
Step 1 From the VMware vSphere Client main menu, choose File > Deploy OVF Template. The Deploy OVF Template Source window appears (see Figure 2-1).
Figure 2-1 Deploy OVF Template Window
Step 2 Choose Deploy from file and choose the OVA file that contains the NCS virtual appliance distribution.
Step 3 Click Next. The OVF Template Details window appears. VMware ESX/ESXi reads the OVA attributes. The details include the product you are installing, the size of the OVA file (download size), and the amount of disk space that needs to be available for the virtual machine (size on disk).
Step 4 Verify the OVF Template details and click Next. The Name and Location window appears (see Figure 2-2).
Figure 2-2 Name and Location Window
Step 5 Either keep the default name for the VM to be deployed in the Name text box or provide a new one and click Next. This name value is used to identify the new virtual machine in the VMware infrastructure; you should use any name that distinguishes this particular VM in your environment. The Host / Cluster window appears (see Figure 2-3).
Figure 2-3 Host/Cluster Window
Step 6 Choose the destination host or HA cluster on which you want to deploy the NCS VM, and click Next. The Resource Pool window appears.
Step 7 If you have more than one resource pool in your target host environment, choose the resource pool to use for the deployment, and click Next. The Ready to Complete window appears.
Step 8 Review the settings shown for your deployment and, if needed, click Back to modify any of the settings shown.
Step 9 Click Finish to complete the deployment. A message notifies you when the installation completes and you can see the NCS virtual appliance in your inventory.
Step 10 Click Close to dismiss the Deployment Completed Successfully dialog box.
Configuring the Basic Settings for the NCS Virtual Appliance
You have completed deploying (installing) the NCS virtual appliance on a new virtual machine. A node for the virtual machine now appears in the resource tree in the VMware vSphere Client window. Deploying the OVF template creates a new virtual machine in vCenter with the NCS virtual appliance application and related resources already installed on it. After deployment, you need to configure basic settings for the NCS virtual appliance. To start the NCS setup, follow these steps:
Step 1 In the vSphere Client, click the NCS virtual appliance node in the resource tree. The virtual machine node should appear in the Hosts and Clusters tree below the host, cluster, or resource pool to which you deployed the NCS virtual appliance.
Step 2 On the Getting Started tab, click the Power on the virtual machine link under Basic Tasks. The Recent Tasks pane at the bottom of the vSphere Client pane indicates the status of the task associated with powering on the virtual machine. After the virtual machine successfully starts, the status column for the task displays Completed.
Step 3 Click the Console tab, within the console pane to make the console prompt active for keyboard input.
Now you need to set up the virtual appliance, as described in the "Setting Up the NCS" section on page 2-9.
Deploying the NCS Virtual Appliance using the Command Line Client
This section describes how to deploy the NCS virtual appliance from the command line. As an alternative to using the vSphere Client to deploy the NCS OVA distribution, you can use the VMware OVF Tool, which is a command-line client.
To deploy an OVA with the VMware OVF Tool, use the ovftool command, which takes the name of the OVA file to be deployed and the target location as arguments, as in the following example:
ovftool NCS-VA-X.X.X-large.ova vi://my.vmware-host.example.com/
In this case, the OVA file to be deployed is NCS-VA-X.X.X-large.ova and the target ESX host is my.vmware-host.example.com. For complete documentation on the VMware OVF Tool, see the VMware vSphere 4.0 documentation.
Setting Up the NCS
This section describes how to configure the initial settings of the NCS virtual appliance.
Note These steps need to be performed only once, upon first installation of the NCS virtual appliance.
To configure the basic network and login settings for the NCS virtual appliance system, follow these steps. When the steps are completed, the NCS virtual appliance is accessible over the network.
Note Once you put the NCS Image DVD in the physical appliance for reinstallation, you get the same console prompt. Use the following steps to reinstall the NCS for the physical appliance.
Step 1 At the login prompt, enter the setup command.
localhost.localdomain login: setup
The NCS configuration script starts. The script takes you through the initial configuration steps for the NCS virtual appliance. In the first sequence of steps, you configure network settings.
Step 2 When prompted, enter the following settings:
a. The hostname for the virtual appliance.
b. The IP address for the virtual appliance.
c. The IP default subnet mask for the IP address entered.
d. The IP address of the default gateway for the network environment in which you are creating the virtual machine.
e. The default DNS domain for the target environment.
f. The IP address or hostname of the primary IP nameserver in the network.
g. At the Add/Edit another nameserver prompt, you can enter y (yes) to add additional nameservers, if desired. Otherwise, press Enter to continue.
h. The NTP server location (or accept the default by pressing Enter). At the Add/Edit secondary NTP server prompt, you can enter y (yes) to add another NTP server. Otherwise, enter n (no) to continue.
Step 3 Enter the username for the user account used to access the NCS system running on the virtual machine. The default username is admin, but you can change this to another username by typing it here.
Step 4 Enter the password for the NCS. The password must be at least eight characters and must include both lowercase and uppercase letters and at least one number. It cannot include the username or default Cisco passwords. After you enter the password, the script verifies the network settings you configured. For example, it attempts to reach the default gateway that you have configured.
After verifying the network settings, the script starts the NCS installation processes. This process can take several minutes, during which there is no screen feedback. When finished, the following banner appears on the screen:
=== Initial Setup for Application: NCS ===
After this banner appears, the configuration starts with database scripts and reboots the server as shown in the console:
Running database cloning script...
logger: invalid option -- l
usage: logger [-is] [-f file] [-p pri] [-t tag] [-u socket] [ message ... ]
Running database creation script...
logger: invalid option -- l
usage: logger [-is] [-f file] [-p pri] [-t tag] [-u socket] [ message ... ]
Setting Timezone, temporary workaround for DB...
Generating configuration...
Rebooting...
Note If you are installaing a physical appliance, remove the ISO DVD from the DVD tray.
Step 5 Log in as admin and enter the admin password.
Step 6 Exit the console using the exit command.
Starting the NCS Server
This section provides instructions for starting the NCS on either a physical or virtual appliance.
Note You can check the status of the NCS at any time. To do so, follow the instructions in the "Verifying the Status of the NCS" section on page 4-6.
To start the NCS when it is installed on a physical or virtual appliance, follow these steps:
Step 1 Log into the system as administrator.
Step 2 Using the command-line interface, enter the following command:
ncs start
Logging into the NCS User Interface
To log into the NCS user interface through a web browser, follow these steps:
Step 1 Launch Internet Explorer 7.0 or later or Mozilla Firefox 3.6 or later on a different computer than the one on which you installed and started the NCS.
Note When you use Firefox 3.x to log in and access the NCS for the first time, the Firefox web browser displays a warning stating that the site is untrustable. When Firefox displays this warning, follow the prompts to add a security exception and download the self-signed certificate from the NCS server. After you complete this procedure, Firefox accepts the NCS server as a trusted site both now and during all future login attempts.
Step 2 In the address line of browser, enter https://ncs-ip-address, where ncs-ip-address is the IP address of the server on which you installed and started the NCS. The NCS user interface displays the Login page.
Step 3 Enter your username. The default username is root.
Step 4 Enter the root password you created during setup.
Note If any licensing problems occur, a message appears in an alert box. If you have an evaluation license, the number of days until the license expires is shown. You are also alerted to any expired licenses. You have the option to go directly to the licensing page to address these problems.
Step 5 Click Login to log into the NCS. The NCS user interface is now active and available for use. The NCS home page appears. The NCS home page enables you to choose the information that you want to see. You can organize the information in user-defined tabs called dashboards. The default view comes with default dashboards and preselected dashlets for each, and you can arrange them as you like. You can predefine what appears on the home page by choosing the monitoring dashlets that are critical for your network. For example, you might want different monitoring dashlets for a mesh network so that you can create a customized mesh dashboard.
Note If the database or Apache web server does not start, check the launchout.txt file in Linux. You see a generic "failed to start database" or "failed to start the Apache web server" message.
Note When an upgrade occurs, the user-defined tabs arranged by the previous user in the previous version are maintained. Therefore, the latest dashlets might not show. Look at the Edit dashboard link to find what new dashlets are added.
The home page provides a summary of the Cisco Unified Network Solution, including coverage areas, the most recently detected rogue access points, access point operational data, reported coverage holes, and client distribution over time. Figure 2-4 shows a typical NCS home page.
By default, you should see six dashboards in the NCS home page: the General, Client, Security, Mesh, CleanAir, and ContextAware dashboards.
Note When you use the NCS for the first time, the network summary pages show that the Controllers, Coverage Areas, Most Recent Rogue APs, Top 5 APs, and Most Recent Coverage Holes databases are empty. It also shows that no client devices are connected to the system. After you configure the NCS database with one or more controllers, the NCS home page provides updated information.
Figure 2-4 The NCS Home Page
To exit the NCS user interface, close the browser page or click Log Out in the upper-right corner of the page. Exiting an NCS user interface session does not shut down the NCS on the server.
When a system administrator stops the NCS server during your NCS session, your session ends, and the web browser displays the message: "The page cannot be displayed." Your session does not reassociate to the NCS when the server restarts. You must restart the NCS session.
Applying the NCS Software License
This section describes how to apply a license to NCS. Before starting, make sure that you have already acquired the license from the Cisco License Center and put it in a location that is accessible by the network from NCS. To add a new NCS license file, follow these steps:
Step 1 In the Administrator menu, choose License Center > Files > NCS Files page, and click Add.
Step 2 In the Add a License File dialog box, enter or browse to the applicable license file.
Step 3 Once displayed in the License File text box, click Upload.
To add a new license, see "Managing Licenses" section on page 15-131.
Understanding the NCS Home Page
The NCS home page:
•Enables the administrator to create and configure Cisco Unified Network Solution coverage area layouts, configure system operating parameters, monitor real-time Cisco Unified Network Solution operations, and perform troubleshooting tasks using an HTTPS web browser page.
•Enables the administrator to create, modify, and delete user accounts; change passwords; assign permissions; and schedule periodic maintenance tasks. The administrator creates new usernames and passwords and assigns them to predefined permissions groups.
•Allows the administrator to perform all necessary network administration tasks from one page. The NCS home page, is the landing page, displaying real-time monitoring and troubleshooting data. The navigation tabs and menus at the top of the page provide point-and-click access to all other administration features.
The NCS user interface provides an integrated network administration console from which you can manage various devices and services. These include wired and wireless devices and clients. The services might include authentication, authorization, profiler, location and mobility services as well as monitoring, troubleshooting, and reporting. All of these devices and services can be managed from a single console called the NCS home page.
This section describes the NCS user interface page and contains the following topics:
•Administrative Elements, page 2-28
Dashboards
The NCS dashboards consist of dashlets and graphs that provide a visual overview of network health and security. The dashboard elements visually convey complex information in a simplified format. This display allows you to quickly analyze the data and drill down for in-depth information if needed. Dashlets utilize a variety of elements to display data, including pie-charts, sparklines, stack bars, and metric meters.
The fundamental purpose of a dashboard is to provide an at-a-glance view of the most important parts of NCS. A quick scan of the dashboard should let you know if anything needs attention. The dashboard generally provides the status and alerts, monitoring and reporting information. Dashboards contain several dashlets, which are UI containers that display a variety of widgets, such as text, form elements, tables, charts, tabs, and nested content modules.
The dashboard displays the current status which reflects the status and usage of the network, like client distribution. The dashboard also displays the trend which reflects the usage and status over time which is from data collected over time, like client count (see Figure 2-5).
Figure 2-5 Dashboards
Note You must have Adobe Flash Player installed to view the dashlets on the NCS dashboard.
The six NCS dashboards are described in this section. This section contains the following topics:
•Security Dashboard, page 2-18
•CleanAir Dashboard, page 2-19
•Context Aware Dashboard, page 2-21
You can customize the predefined set of dashlets depending on your network management needs. You can organize the information in user-defined dashboards. The default view comes with default dashboards and pre-selected dashlets for each.
Note•The label "Edited" next to the dashlet heading indicates that the dashlet has been customized. If you reset to the default settings, the Edited label is cleared. Hover your mouse cursor over the label see the edited information.
•When an upgrade occurs, the arrangement of dashlets in a previous version is maintained. Because of this, dashlets or features added in a new release are not displayed. Click the Manage Dashboards link to discover new dashlets.
•The horizontal and vertical scrollbars are visible if you zoom the dashlets. Reset the zoom level back to zero, or no zoom for viewing the dashlets without the scrollbars.
General Dashboard
Table 2-1 lists the factory default dashlets for the General dashboard.
Client Dashboard
Table 2-2 lists the factory default dashlets for the Client dashboard.
Note When you select "All campuses" for the filters such as "Floor Area" or "Outdoor Area" in the client-related charts or reports, NCS lists all the wireless clients even if APs are not placed on maps.
Security Dashboard
Table 2-3 lists the factory default dashlets for the Security dashboard.
Note The Rogue alarm, which is set as informational, cannot be seen in the Security dashboard.
Mesh Dashboard
Table 2-4 lists the factory default dashlets for the Mesh dashboard.
CleanAir Dashboard
Table 2-5 lists the factory default dashlets for the Mesh dashboard.
Context Aware Dashboard
Table 2-6 lists the factory default dashlets for the Context Aware dashboard.
|
|
---|---|
MSE Historical Element Count |
Displays the historical trend of tags, clients, rogue APs, rogue clients, interferers, wired clients, and guest client counts in a given period of time. Note The MSE Historical Count information is presented in a time-based graph. For graphs that are time-based, there is a link bar at the top of the graph page that displays 6h, 1d, 1w, 2w, 4w, 3m, 6m, 1y, and Custom. When selected, the data for that time frame is retrieved and the corresponding graph is displayed. See the "Time-Based Graphs" section on page 6-71 for more information. |
Rogue Elements detected by CAS |
Displays the indices of the Rogue APs and Rogue Clients in percentage. It also provides a count of the number of Rogue APs and Rogue Clients detected by each MSE within an hour, 24 hours as well as more than 24 hours. Rogue AP Index is defined as the percentage of total active tracked elements that are detected as Rogue APs across all the MSEs on NCS. Rogue Client Index is defined as the percentage of total active tracked elements that are detected as Rogue Clients across all the MSEs on NCS. |
Location Assisted Client Troubleshooting |
You can troubleshoot clients using this option with location assistance. You can provide either a MAC Address, Username, or IP Address as the criteria for troubleshooting. Note Username, IP address, and partial MAC address-based troubleshooting is supported only on MSEs with Version 7.0.200.0 and later. For more information about Location Assisted Client Troubleshooting, see the "Context Aware Dashboard" section on page 2-21. |
MSE Tracking Counts |
Represents the tracked and not-tracked count of each of the element types. The element type includes tags, rogue APs, rogue clients, interferers, wired clients, wireless clients, and guest clients. |
Top 5 MSEs |
Lists the top five MSEs based on the percentage of license utilization. It also provides count for each element type for each MSE. Note If you have installed NCS license but you have not added any MSE to NCS then the Context-Aware dashboard is empty. However a message is displayed with a link to add an MSE. In the dashlet, click the count link to get a detailed report. Use the icons in a dashlet to switch between chart and grid view. Use the Enlarge Chart icon to view the grid or chart in full screen. |
Icons
The icons on the dashlets and within the General, Client, Security, Mesh, CleanAir, and Context Aware dashboards have the following functions listed in Table 2-7.
Menu Bar
The primary form of navigation used in NCS is the menu located at the top of the NCS page. Administrators can monitor and perform various tasks from this menu. This menu is an easy-access, pop-up menu that provides quick access to the submenus that are associated with the primary menu. Hover your mouse cursor over any menu title to access the associated menu. Clicking the menu title takes you directly to the feature page. The following illustration is an example of the primary NCS menu (see Figure 2-6).
Figure 2-6 NCS Primary Global Menu
This section describes the menus and contains the following topics:
•Administration Menu, page 2-25
When you hover your mouse cursor over any of the five menu titles, a drop-down menu appears.
Monitor Menu
The Monitor menu provides you with a top-level description of your network devices. You can monitor your network, maps, Google Earth maps, network devices (controllers, switches, access points, clients, tags, chokepoints, Wi-Fi TDOA receivers), RRM, alarms, and events.
The following submenu options are available from the Monitor menu:
•Monitoring Devices
–Monitoring WiFi TDOA Receivers
•Monitoring Radio Resource Management (RRM)
•Monitoring Alarms and Events
•Monitoring Maps
Configure Menu
The Configure menu enables you to configure templates, controllers, access points, switches, chokepoints, Wi-Fi TDOA receivers, config groups, auto provisioning, scheduled configuration tasks, profiles, ACS view servers, and TFTP servers on your network.
The following submenu options are available from the Configure drop-down menu:
•Configuring Devices
–Configuring Wi-Fi TDOA Receivers
•Configuring Scheduled Configuration Tasks
•Configuring Templates
–Accessing the Controller Template Launch Pad
–Configuring Lightweight Access Point Templates
–Configuring Autonomous Access Point Templates
–Configuring Switch Location Configuration Templates
–Configuring Autonomous AP Migration Templates
•Configuring Controller Config Groups
•Configuring Servers
–Configuring TFTP or FTP Servers
Services Menu
The Services menu enables you to manage mobility services including mobility services engines and Identity Service Engines.
The following submenu options are available from the Services drop-down menu:
•Mobility Services
–Viewing Current Mobility Services
–Viewing Synchronization History
–Viewing the Notifications Summary for Mobility Services
Reports Menu
The Reports menu provides the following submenu options:
•Managing Scheduled Run Results
•Managing Saved Report Templates
Administration Menu
The Administration menu enables you to schedule tasks like making a backup, checking a device status, auditing your network, synchronizing the MSE, and so on. It also contains Logging to enable various logging modules and specify restart requirements. For user administration such as changing passwords, establishing groups, setting application security settings, and so on, choose AAA. From the Administration Menu, you can also access the licensing information, set user preferences, and establish high availability (a secondary backup device running NCS).
The following submenu options are available from the Administration drop-down menu:
•Configuring Administrative Settings
•Configuring High Availability
Global Toolbar
The Global toolbar is always available at the bottom of the NCS page, providing instantaneous access to the tools, NCS online Help system, and a summary of alarm notifications. Hover your mouse cursor over the Help icon to access the available online Help (see Figure 2-7).
Hover your mouse cursor over the Alarms Browser to display the summarized Alarms page, with a list of recent system alarms and the ability to filter for alarms of a specific nature. You can also drill down for detailed information on individual alarms. For more information on Alarms, see the "Alarm Summary" section on page 2-27.
Figure 2-7 Global Toolbar
This section contains the following topics:
Tools
The Tools menu provides access to the Voice Audit, Configuration Audit, and Migration Analysis features of NCS.
The following submenu options are available from the Tools drop-down menu:
•Voice Audit
•Location Accuracy Tools
•Config Audit
•Migration Analysis
•TAC Case Attachment
Help
The Help menu allows you to access online help, learning modules, submit feedback, and to verify the current version of NCS. The Help icon is located in the bottom left corner of the Global Toolbar in the NCS page. The Help provides quick access to the comprehensive online Help for NCS.
The following submenu options are available from the Help drop-down menu:
•Online Help—Enables you to view online Help. The online Help is context sensitive and opens documentation for the NCS window that you currently have open.
•Learning Modules—Allows you to access short video clips of certain NCS features. To learn more about Cisco NCS features and functionality, go to Cisco.com to watch multimedia presentations about NCS configuration workflow, monitoring, troubleshooting, and more. Over future releases, more overview and technical presentations will be added to enhance your learning.
•MSE Installation Guide—Provides links to the MSE installation section.
•Submit Feedback—Allows you to access a page where you can enter feedback about the NCS.
•Help Us Improve Cisco Products—Allows you to enable and provide permission to automatic collect data about how you and your organization use your Cisco wireless products, this data is useful to improve product performance and usability. The data is automatically collected and sent to Cisco in encrypted form. The data might contain information about your organization and it is not be shared or used outside of Cisco.
Note To get the automated feedback enabled, you must configure your Mail Server Configuration by choosing Administration > Settings > Mail Server Configuration.
•About Cisco NCS—Allows you to verify the version of NCS that you are running. It provides the version, hostname, feature, AP limit, and type.
To verify the version of NCS, choose About Cisco NCS. The following information is displayed:
•Product Name
•Version Number
•Host Name
•Feature
•AP Limit
•License Type
•Copyright statement
Alarm Summary
When NCS receives an alarm message from a controller, it displays an alarm indicator at the bottom of the NCS page (see Figure 2-8). Alarms indicate the current fault or state of an element that needs attention, and they are usually generated by one or more events. The alarm can be cleared but the event remains. The Critical (red), Major (orange) and Minor (yellow) alarms appear in the alarm dashboard, left to right.
Note The Administration > Settings > Alarms page has a Hide Acknowledged Alarms check box that you must unselect it if you want acknowledged alarms to appear in the NCS and alarms lists page. By default, acknowledged alarms are not shown.
Figure 2-8 NCS Alarm Summary
Note Alarm counts are refreshed every 15 seconds.
Command Buttons
The NCS user interface uses a number of command buttons throughout its pages. The most common command buttons are as follows:
•Apply—Applies the selected information
•Delete—Deletes the selected information
•Cancel—Cancels new information entered on the current page and returns to the previous page
•Save—Saves the current settings
•Audit—Discovers the present status of this access point
•Place AP—Audits the configuration of the selected entity by flagging the differences between NCS database device configurations
Main Data Page
The main data page is determined by the required parameter information. Active areas on the data pages include the following:
•Text boxes into which data might be entered
•Drop-down lists from which one of several options might be chosen
•Check boxes allow you to choose one or more items from the displayed list
•Radio buttons allow you to turn a parameter on or off
•Hyperlinks take you to other pages in the NCS user interface
Input text boxes are black text on a white background. When data is entered or selected, it is not sent to the controller, but it is saved in the text box until you click Go.
Administrative Elements
The following provides information regarding the current NCS user:
•User—Indicates the username for the current NCS user. Click the User link to change the user password. See the "Changing Password" section on page 15-87 for more information.
•Virtual Domain—Indicates the current virtual domain for this NCS user. See the "Configuring a Virtual Domain" section on page 15-41 for more information.
Note To switch domain names, click the blue inverted triangle icon located at the right of the virtual domain name to open the switch to another Virtual Domain page. Select the new virtual domain radio button, and click Save. Your privileges are changed accordingly.
Customizing the NCS Home Page
NCS home page dashlets contain a default, predefined list of dashlets that you can customize. The following customizations are possible in the NCS home page:
•Drag-and-drop dashlets
•Add or delete dashboards
•Reordering dashboards
•Renaming dashlets and dashboards
•Customize layout
Note You can add or delete dashlets by selecting from the predefined list.
You can customize the home page with time-based or non-time-based interactive graphs which you can display in grid or chart format (by clicking the appropriate icon). These graphs refresh automatically within a predetermined time based on the default polling cycles of dependent tasks, or you can click the Refresh dashlet icon to get the most current status. You can click the Enlarge Chart icon to enlarge the graph in a separate page.
This section contains the following topics:
•Editing the NCS Home Page, page 2-29
•Adding a New Dashboard, page 2-32
Editing the NCS Home Page
To customize the NCS home page dashlets, follow these steps:
Step 1 In the NCS home page, click . The drop-down menu appears.
Step 2 Click Add Dashlet to view a list of the available dashlets. Add the desired dashlet by clicking Add in the right column. The dashlet is added to the appropriate dashboard.
Step 3 Click Apply.
Adding Dashlets
Table 2-8 lists the default dashlet options you can add in your NCS home page.
Adding a New Dashboard
To create a new dashboard, follow these steps:
Step 1 Click in NCS home page. The drop-down menu appears (see Figure 2-9).
Figure 2-9 Edit Dashboard
Step 2 Enter the name of the new dashboard you are creating, and click Add. The dashboard name you just added appears in the Display Order list.
Note Add is the only function that does not require a Save operation after its operation. If you click X, Move Up, or Move Down, you must click Apply for the changes to be applied.
Step 3 You can add dashlets to the new dashboard. For more information see the "Adding Dashlets" section on page 2-30.
Note If you want to return to the restored factory defaults as shown in Figure 2-8, click Reset to reset to factory defaults.
Using the Search Feature
The enhanced NCS Search feature (see Figure 2-10) provides easy access to advanced search options and saved searches. You can access the search options from any page within NCS making it easy to search for a device or SSID (Service Set IDentifier).
Figure 2-10 NCS Search Feature
The following searches are possible using NCS:
Quick Search
For a quick search, you can enter a partial or complete IP address, MAC address, name, or SSID for clients, alarms, access points, controllers, maps, tags, or rogue clients (see Figure 2-10).
Note You can also enter a username if you are searching for a client.
To quickly search for a device, follow these steps:
Step 1 Enter the complete or partial IP address, device name, SSID, or MAC address of the device in the Search text box (see Figure 2-11).
Figure 2-11 Quick Search with Partial IP Address
Step 2 Click Search to display all devices that match the Quick Search parameter.
The search results display the matching item type, the number of items that match your search parameter, and links to the list of matching results (see Figure 2-12). Click View List to view the matching devices in the Monitor or Configuration pages.
Figure 2-12 Quick Search Results Advanced Search
Advanced Search
To perform a more specific search for a device in NCS, follow these steps:
Step 1 Click Advanced Search located in the top right corner of NCS (see Figure 2-10).
Step 2 In the New Search dialog, choose a category from the Search Category drop-down list (see Figure 2-13).
Figure 2-13 Search Category Drop-Down List
Note Click each of the following categories for more information.
Search categories include the following:
•Alarms
•Access Points
•Controller Licenses
•Controllers
•Switches
•Clients
•Chokepoints
•Events
•Interferers
•Wi-Fi TDOA Receivers
•Maps
•Rogue Client
•Shunned Client
•Tags
Step 3 Select all applicable filters or parameters for your search (see Figure 2-14).
Note Search parameters change depending on the selected category. The following pre-defined search filters have been added in Release 6.0: Associated Clients, Authenticated Clients, Excluded Clients, Probing Clients, All Clients, New Clients detected in last 24 hours, unauthenticated clients, 2.4 GHz clients, and 5 GHz clients.
Figure 2-14 New Search Fields
Step 4 Choose the number of items to display on the results page.
Step 5 To save this search, select the Save Search check box and enter a name for the search in the text box.
Step 6 When all filters and parameters are set, click Go.
Searching Alarms
You can configure the following parameters when performing an advanced search for alarms (see Table 2-9).
Note You can decide what information appears on the alarm search results page. See the "Configuring the Search Results Display (Edit View)" section on page 2-46 for more information.
Searching Access Points
You can configure the following parameters when performing an advanced search for access points (see Table 2-10).
Note You can decide what information appears on the access points search results page. See the "Configuring the Search Results Display (Edit View)" section on page 2-46 for more information.
Searching Controller Licenses
You can configure the following parameters when performing an advanced search for controller licenses (see Table 2-11).
See the "Managing Licenses" section on page 15-131 for more information on licenses and the License Center.
Searching Controllers
You can configure the following parameters when performing an advanced search for controllers (see Table 2-12).
Note You can decide what information appears on the controllers search results page. See the "Configuring the Search Results Display (Edit View)" section on page 2-46 for more information.
Searching Switches
You can configure the following parameters when performing an advanced search for switches (see Table 2-13).
You can decide what information displays on the client search results page. See the "Configuring the Search Results Display (Edit View)" section on page 2-46 for more information.
Searching Clients
You can configure the following parameters when performing an advanced search for clients (see Table 2-14).
Note You can decide what information appears on the client search results page. See the "Configuring the Search Results Display (Edit View)" section on page 2-46 for more information.
Searching Chokepoints
You can configure the following parameters when performing an advanced search for chokepoints (see Table 2-15).
Table 2-15 Search Chokepoint Fields
Searching Events
You can configure the following parameters when performing an advanced search for events (see Table 2-16).
See the "Monitoring Rogue Alarm Events" section on page 5-115 for more information on events.
Searching Interferers
You can configure the following parameters when performing an advanced search for interferers detected by access points (see Table 2-17).
You can decide what information appears on the SE-detected interferers search results page. See the "Configuring the Search Results Display (Edit View)" section on page 2-46 for more information.
Searching AP-Detected Interferers
You can configure the following parameters when performing an advanced search for interferers detected by access points (see Table 2-18).
Note You can decide what information appears on the AP-detected interferers search results page. See the "Configuring the Search Results Display (Edit View)" section on page 2-46 for more information.
Searching Wi-Fi TDOA Receivers
You can configure the following parameters when performing an advanced search for Wi-Fi TDOA receivers (see Table 2-19).
Searching Maps
You can configure the following parameters when performing an advanced search for maps (see Table 2-20).
Note You can decide what information appears on the maps search results page. See the "Configuring the Search Results Display (Edit View)" section on page 2-46 for more information.
See the "Information About Maps" section on page 6-2 for more information on maps.
Searching Rogue Clients
You can configure the following parameters when performing an advanced search for rogue clients (see Table 2-21).
See the "Rogue Access Points, Ad hoc Events, and Clients" section on page 3-9 for more information on rogue clients.
Searching Shunned Clients
Note When a Cisco IPS sensor on the wired network detects a suspicious or threatening client, it alerts the controller to shun this client.
You can configure the following parameters when performing an advanced search for shunned clients (see Table 2-22).
Searching Tags
You can configure the following parameters when performing an advanced search for tags (see Table 2-23).
Saved Searches
The Saved Search feature enables you to access and run any previously saved search (see Figure 2-15).
Note When saving a search, you must assign a unique name to the search. Saved searches apply only to the current partition.
Figure 2-15 Saved Search Page
To access and run a saved search, follow these steps:
Step 1 Click Saved Search.
Step 2 Choose a category from the Search Category drop-down list.
Step 3 Choose a saved search from the Saved Search List drop-down list.
Step 4 If necessary, change the current parameters for the saved search.
Step 5 Click Go.
Configuring the Search Results Display (Edit View)
The Edit View page (see Figure 2-16) enables you to choose which columns appear on the Search Results page.
Figure 2-16 Edit View Page
Column names appear in one of the following lists:
•Hide Information—Lists columns that do not appear in the table. The Hide button points to this list.
•View Information—Lists columns that do appear in the table. The Show button points to this list.
To display a column in a table, click it in the Hide Information list, then click Show. To remove a column from a table, click it in the View Information list, then click Hide. You can select more than one column by holding down the shift or control key.
To change the position of a column in the View Information list, click it, then click Up or Down. The higher a column is in the list, the farther left it appears in the table.
Command Buttons
The following command buttons appear in the Edit View page:
•Reset—Sets the table to the default display.
•Show—Moves the highlighted columns from the Hide Information list to the View Information list.
•Hide—Moves the highlighted columns from the View Information list to the Hide Information list.
•Up—Moves the highlighted columns upward in the list (further to the left in the table).
•Down—Moves the highlighted columns downward in the list (further to the right in the table).
•Submit—Saves the changes to the table columns and returns to the previous page.
•Cancel—Undoes the changes to the table columns and returns to the previous page.