Monitor Alerts
Alerts are categorized into three types: Wi-Fi, System, and WIPS (see the sections below for details) and are further classified as follows, based on the nature of events that trigger the alerts.
- Instantaneous - Alerts generated for events that are instantaneous, i.e., one-off events that do not persist over time. For example, the failure of a scheduled client connectivity test is an instantaneous Wi-Fi alert. Similarly, an authorized client probing for a vulnerable SSID is an instantaneous WIPS alert.
- Live - Alerts generated for events that persist over time. These alerts are triggered by some condition and persist until the condition holds true. For example, the number of clients experiencing authentication failure exceeding a threshold is a Wi-Fi alert that persists over time. Similarly, a rogue AP becoming active is a WIPS alert that persists over time.
- Expired - A live alert expires when the condition that triggered the alert no longer holds true.
Monitor Wi-Fi Alerts
Wi-Fi alerts capture network connectivity and performance events such as client authentication failures and high latencies. As shown in the figure above, alerts are categorized by the aspect of the Wi-Fi network that they pertain to-for example, client connectivity test or connection failure. You can mark a Wi-Fi alert as "Read" or "Unread" and you can delete it.
Monitor WIPS Alerts
WIPS alerts are related to Wi-Fi vulnerabilities and attacks that may pose a security threat to your network. You can turn on or off the security status of a WIPS alert, i.e., decide whether an alert affects the security status of your network. A network administrator can acknowledge an alert. This then shows up in the acknowledgment trail that other administrators can check to know which user has acknowledged an alert. Wherever needed, WIPS alerts have recommended actions that you can undertake to secure your network.
Monitor System Alerts
System alerts are for events related to the overall health of the Wi-Fi server and infrastructure, e.g., when a Wi-Fi server switches from active to standby or an AP gets disconnected from the network. As shown in the figure above, they are categorized into Server or AP/Sensor alerts. You can change whether an alert affects the security status of your network. For example, when a server stops, some WIPS functionality is lost, which could make your network vulnerable. Like WIPS alerts, a network administrator can acknowledge and check acknowledgment trails for a system alert. Wherever needed, system alerts have recommended actions that you can undertake to address the issue.