Advanced System Settings

Advanced system settings are system-level operations typically performed from the SYSTEM tab in CV-CUE. The settings apply to the entire network.

This chapter contains the following topics:

License Settings for On-Premises Users

You can apply licenses from CV-CUE for on-premises users. After you upload the license file, you need to log out and then log in again for the license to be effective.

Follow these steps to apply the license:
  1. Got to SYSTEM > Advanced Settings > License.
  2. (Optional) Click Download License to download the existing license details in a text file format.
  3. Click Select License File and select the license file from your local or shared drive. Licences must be in the json file format.
  4. Apply the license.
  5. When prompted, log out and then log in again to successfully activate the license.

Language Settings

You can define the system language that is used by CV-CUE as a mode of communication. CV-CUE uses the system language to send default messages from the application. For example, alerts and notifications are communicated using the system language. The default system language is English.

Follow these steps to configure the system language:
  1. Got to SYSETM > Advanced Settings > Language.
  2. Select the system language and the SSID encoding language.
  3. Save the changes.

High Availability Status

If you have enabled the High Availability (HA) service, you can see the HA status and configuration details of the servers. For example, you can see whether the HA service is running or stopped or disabled. If you have not configured the HA service, you will see the status as Disabled. This is a read-only page; you can not configure anything on this page. Configure the HA service using the CLI.

To see the HA status from CV-CUE, go to System > Advanced Settings > High Availability Status.

System Status

You can see the status of the Wi-Fi server and other system-related information from SYSTEM > Advanced Settings > System Status. You can also start and stop system services from the System Status page.

The following system-related information is displayed on this page:
  • Server ID
  • Server Access URL
  • Managed Device Communication Port
  • Maximum Managed Devices Allowed (Physical Devices)
  • Allowed Mode of Operation — Indicates whether Wi-Fi or WIPS or both services are enabled on the server.
  • Software Version — Indicates the software version of CV-CUE
  • Software Build — Indicates the software build version of CV-CUE
  • Operating System
  • Appliance Model
  • IPv4 — Indicates the IPv4 address, if available
  • IPv6 — Indicates the IPv4 address, if available

Cluster Configurations

A server cluster or a cluster is a group of Wireless Manager (WM) servers. A cluster comprises a parent WM server and one or more child WM servers. A cluster is created to manage multiple servers using a single server. This managing server is called the parent server and the servers that are managed from the parent server are called the child servers. A server can be part of only one cluster at any given time. A child server cannot be a parent of any other server in the cluster. Creating a cluster helps in managing multiple servers together. For example, you can create a policy and implement it across different servers using a cluster.

You can create clusters using the server command line console. For more information on creating clusters and managing servers in a cluster, refer to the following chapters in your respective server installation guide.
  • Setup and Manage Server Cluster - For details on setting up server clusters
  • Server Config Shell Commands- For details on server cluster commands.
After you have assigned a parent server to a cluster and have added child servers to the server cluster, login into CV-CUE to view cluster data and manage cluster configuration.
Note: You must be a superuser to view cluster data and manage cluster configurations.

View Cluster Configurations

To view the cluster data:
  1. Go to SYSTEM > Advanced Settings.
  2. Click the Cluster Configuration tile. All the existing servers in a cluster are displayed.


The table displays the following data:
Table 1. Cluster Configuration Details
Field Description
Status The status of the server. The icons mean the following:
Table 2.
Icon Description


Connected Server


Disconnected server


Expired license or mismatched version
Server Name Name of the server
Mount Point Mount location of the server
Server IP Address IP Address of the server
Version Software Version number of the server
You can perform the following actions on a cluster server:
  • Mount or Unmount the server
  • Change mount location
  • Copy Policies
  • Fix version mismatch
  • Fix License
Note: You can perform the actions only a connected server.

Mount or Unmount the Child Server

To view the server cluster data or to copy the parent server’s policy, you need to mount the individual child servers on the parent server location tree. Before you mount the child server, ensure that you have applied a valid license to it and it has the same build version as the parent server.

To mount the child server:
  1. Select the child server. Click Mount from the three-dot menu next to it.
  2. Select the mount location and click Save.

The child server is mounted on the selected location.

Note: When you mount a child server, the parent server policies are not inherited by the child server automatically. The child server continues to use its existing policies. You need to explicitly apply the parent server’s policy.

Similarly, you can umnount the child server from the parent server by clicking Unmountfrom the three-dot menu next to it.

Change the Mount Point of the Child Server

You can change the mount point of a child server and mount it to another location. Before you change the mount point of a server, ensure that a valid license is applied to it.

To change the mount location of the child server:
  1. Select the child server. Click Change Mount from the three-dot menu next to it. The Change Mount Point pane appears.
  2. Select the new mount point and click Save.

Copy Policies

Policies are configuration settings that you define for a server. If you want to keep the same configurations or settings across servers in a cluster setup, you need to create only one policy and copy the policy to all other servers. This helps in maintaining consistency in your settings, provides ease of replication, and reduces human errors. You can copy policy settings from a child server to another child server, a parent server to a child server, or a child server to a parent server. You can copy the following policies:
  • Account Suspension
  • Password Policy
  • Language Setting
  • Audit Logs
  • Auto Deletion
  • SMTP Configuration
  • Radius Configuration
  • Server Upgrade
  • Certificate
  • LDAP Configuration
  • AP Server Key (Device Communication Key)
  • ArcSight Integration
  • Banned APs
  • Banned Clients
  • License
  • Reports Look and Feel
  • SysLog Integration
  • SNMP

You can copy a single policy or copy multiple policies at once.

To copy policies in a cluster server:
  1. Navigate to SYSTEM > Advanced Settings.
  2. Click the Cluster Configuration tile. Alternatively, you can also navigate to the particular policy setting that you want to copy.
  3. Click Copy Policies.
  4. The Copy Policy pane is displayed. Select your To and From Servers.

  5. Select the policies to copy.
  6. Click Save. The Confirm Copy Policy dialog box appears.
  7. Click Confirm.
Once the policy settings are copied, you will get the Copy Policy Results pane displaying the success or failure of the copied policies.

Fix Mismatched Version of the Child Server

The parent server and the child servers in a cluster must have the same software versions. If there is a mismatch between the versions of the parent server and the child server, you need to upgrade your child server to match the version of the parent server.

To fix the child server version:
  1. Click Fix Version Mismatch from the three-dot menu next to it. The fix version mismatch pane opens.
  2. Upgrade your child server. For more information on upgrading your server, refer to Upgrade Server.

Fix Invalid License of the Child Server

The child servers in a cluster must have a valid license. In case of a missing license or an expired license, you need to fix the license of the child server.

Note: This feature is available for on-premise setup only.

To fix the child server license:
  1. Click Fix License from the three-dot menu next to it. The fix license pane opens.
  2. Select the appropriate license file from your local storage and click Apply License.

NTP Configuration

Network Time Protocol (NTP) is used to synchronize the time in servers and computers that are in different networks over the internet. You can add a maximum of three NTP servers.
  1. Go to System > Advanced Settings > NTP Configuration.
  2. Click the Enable NTP check box.
  3. Add the NTP servers. You must add at least one NTP server.
  4. Click Check Drift to check the time drift between NTP servers.
  5. Sync and save the settings

Upgrade Server

You can check for available upgrades and upgrade your server to the latest version of CloudVision Cognitive Unified Edge (CV-CUE). Only a Superuser can initiate a server upgrade.
Note: This feature is available for on-premises deployments only.

Prerequisites for Upgrade

  • TCP Port 8080 of the server is accessible from your computer.
  • Popups are not blocked.

Upgrading your Server

Before you start, ensure that you have downloaded the upgrade bundle to your computer. Also note that you cannot abort or cancel the server upgrade process once the server upgrade is in progress. The upgrade process continues even if you close the browser window.

To upgrade your server:
  1. Go to SYSTEM > Advanced Settings > Upgrade Server. The Upgrade Server screen displays the current build details.
  2. Click Check for Upgrade to check if upgrades are available. You can download the upgrade bundle from Arista’s support website.
  3. (Optional) Select the Check Server upgrade availability at each login checkbox to check for available upgrades on every login.
  4. Click Select File and select the upgrade bundle from your local storage.
  5. Click Check Compatibility and verify that the upgrade bundle is compatible with the server.
  6. Click Upload and Upgrade. The Confirm Upgrade screen displays the current build and upgrade build details.
  7. Click Confirm to initiate the server upgrade. Once the upload is complete, the server upgrade starts automatically.
  8. Refresh your browser and log in to CV-CUE after the server is upgraded.
While the server upgrade is in progress, you cannot access the CV-CUE UI. After the server upgrade is successful, the server reboots automatically. Wait for a few minutes for the server to reboot. After this, you can access the CV-CUE UI again.

Parent-Child or Multi Server Setup

If you have a Parent-Child or a Multiple Server setup and you are upgrading a child server, only the child server is inaccessible while it is upgrading. You will be redirected to the dashboard of the parent server and you can access the parent server.

If you are upgrading the parent server, wait for a few minutes for the server to reboot and log in again to access the server. While the parent server is upgrading, you can access the child server(s).

Base URLs for APIs

Since the Wireless Manager (WM) UI is deprecated, you canot access the WM directly. However, you can view the WM host URL in CV-CUE and use the URL to test APIs offered by CV-CUE or create your own applications. Similarly, if you use the Guest Manager sevices, you can also view the URL for guest analytics (Guest Manager) from CV-CUE.

To view the base URLs, navigate to SYSTEM > Advanced Settings > Base URLs for APIs .

The URLs for both guest analytics, and configuration and management are static links. For more information on availale APIs, see the API Help Portal. The URL for specific end point is available in the API Help Portal. The base URL is available in CV-CUE. For example, if the API endpoint is client, then the URL is <wm_base_url>/wifi/api/clients.

Import Devices

You can import an authorized AP List, and an authorized or unauthorized client list in CV-CUE. The Import Device feature is an efficient alternative to manual movement and classification of these devices.

You must have administrator privileges to import a device list. Import devices is a location specific feature and cannot be inherited from the parent location folder.

You can import Authorized AP List, Rogue AP List, Authorized Client List, Guest Client List, and Rogue Client List.

Follow these steps to import a device list:
  1. Go to System > Advanced Settings .
  2. Click the Import Device tile.
  3. Download the CSV Template.
  4. In the downloaded CSV file, delete the sample data and enter your device list by providing a comma-separated list of MAC Address, IP Address, and Device Name. Save the CSV file.
  5. In the UI, select the Device Type.
  6. Click Select File and select your saved file.
  7. Click Import.

Password Policy

For on-premises deployments, you can configure the minimum requirements for a password in the Password Policy tab. The password settings apply to all user roles - Superuser, Administrator, Operator, and Viewer. If you change the password settings, older passwords are not affected. Only those passwords that are created after you change the settings are subject to the new password settings. This setting applies only to local authentication and does not apply to LDAP and RADIUS authentication.

To configure password settings, follow these steps:
  1. Go to System > Advanced Settings > Password Policy.
  2. Specify the number of characters required for the password. Minimum number of characters is 4, maximum number of characters is 15.
  3. Select the check boxes if you want numeric and special characters respectively in the password.
  4. Save the changes.

System Backup and Restore

You can back up the entire system or only the configuration files, and restore them when needed.
Note: This feature is available for on-premises deployments only.

System Backup

CV-CUE provides two types of backup — full backup and configuration-only backup. The full backup takes a complete backup of the configuration and data. In a configuration-only backup, data related to events, performance, analytics, etc are not backed up.

When you perform a system backup, a TGZ file and an MD5 file are generated. Backup is taken in the form of a TGZ file and the MD5 file is used to verify the data integrity.

Perform a Backup

To perform a full or config-only backup:
  1. Go to SYSTEM > Advanced Settings.
  2. Click the System Backup tile.
  3. Click Full Backup or Config Only Backup from the Backup drop-down menu.
  4. Provide a custom file name and click Continue.

After successful backup, the backup file is stored in the server and you can use it to restore your server database. You can also download the backup files to your local storage. To download a backup file, click the more-menu next to the backup file and download the backup file and MD5 file.
Note: You will be logged out of the server while the backup is in progress.

Renaming a Backup File

To rename the backup file:
  1. Click the System Backup tile.
  2. Click Rename from the more menu next to the backup file entry in the Backup Files table.
  3. Provide the new file name and click Ok.

System Restore

If you have taken a backup of the Arista server database, you can restore the Arista server to a last known working state, in the case of a server failure. You can restore the database or configuration files from a list of backup files available on the server or you can upload a backup file and use it to restore the server.

Before you perform the restore, ensure that the TGZ and MD5 files are present in the same folder.

Restore Database from Available Backups

To restore the database from available backups:
  1. Go to SYSTEM > Advanced Settings.
  2. Click the System Backup tile.
  3. Click the more menu next to the backup file entry in the Backup Files table.
  4. Click Restore Backup.
  5. In the pop-up, select Restore Licenses if you want to restore the licenses of the backup file as well.
  6. Click OK.

Restore Database by Uploading a Restore Bundle

You can upload a restore bundle from an external location to restore the database on the server. The uploaded file is validated before it is used to restore the database.

To upload a restore bundle:
  1. Go to SYSTEM > Advanced Settings.
  2. Click the System Backup tile.
  3. Click Upload Backup Files.
  4. Select your .TGZ and .MD5 files and click Save.
Once the upload files are validated, the server will start the restore process.
Note: You will be logged out of the server while the server restore is in progress.

Hotspot SSIDs

APs with Hotspot SSIDs can be present in the neighborhood. When an enterprise client probes for common Hotspot SSIDs, it is at risk of connecting to the neighborhood AP, without the user knowing about it. You can classify such SSIDs with a higher chance of undesirable connections as Hotspot SSIDs.

To add Hotspot SSIDs,

  1. Go to System > Advanced Settings.
  2. Click Hotspot SSIDs.

  3. Click Add.
  4. Enter your SSID name and click Ok.

You can edit, delete, and search Hotspot SSIDs from the created list. You can also copy the list of Vulnerable SSIDs across servers present in the same cluster, by using the Copy Policy feature.

Vulnerable SSIDs

Access Points (APs) have default SSIDs. Many users do not change these SSIDs before deploying the APs. Therefore, it is very likely that APs using default SSIDs are present in the enterprise neighborhood. If an enterprise client probes for default SSIDs, it is at risk of connecting to the neighborhood AP, without the user knowing about it. Such SSIDs with a higher risk of undesirable connections are classified as Vulnerable SSIDs.

To add Vulnerable SSIDs,

  1. Go to System > Advanced Settings.
  2. Click Vulnerable SSIDs.

  3. Click Add.
  4. Enter your SSID name and click Ok.

You can edit, delete, and search Vulnerable SSIDs from the created list. You can also copy the list of Vulnerable SSIDs across servers present in the same cluster, by using the Copy Policy feature.