FortiWLC – Add an ESS with the Web UI

Add an ESS with the Web UI

ESS profiles can be configured either from E(z)RF Network Manager or from the controller.

You can tell where an ESS profile was configured by checking the read-only field Owner; the Owner is either nms-server or controller. AP400 is designed to use either a Virtual Cell ESS or a non-Virtual Cell ESS, but not both at once. AP1000 is designed to use a Virtual Cell ESS and a non-Virtual Cell ESS simultaneously. To add an ESS from the controller’s Web UI, follow these steps:

Click Configuration > Wireless > ESS > Add.

137

The ESS Profile Add screen displays – see below.

In the ESS Profile Name field, type the name (ID) of the extended service set. The name can be up to 32 alphanumeric characters long with no spaces.
In the Enable/Disable list, select one of the following:

Enable: ESS Profile created is enabled.
Disable: ESS Profile created is Disabled.

In the SSID field, type a name up to 32 characters for the SSID for this ESS. (Note that when you are creating either Virtual Cell overflow or a non-Virtual Cell ESS, you will be creating two ESS Profiles with the same ESSID. See “Configure Virtual Cell Overflow with the Web UI” on page 158 for details.)
In the Security Profile Name list, select an existing Security Profile to associate with the ESS profile. By default, an ESS profile is associated with the Security Profile named default. For more explanation, see “Security Profiles for an ESS” on page 147.
In the Primary RADIUS Accounting Server list, select either the name of a previously configured RADIUS accounting server profile or the No RADIUS option. Selecting the No RADIUS option means that no RADIUS accounting messages will be sent for clients connecting to this ESSID profile. For more information, see the authentication chapter RADIUS Accounting for Clients.
In the Secondary RADIUS Accounting Server list, select the name of a previously configured RADIUS accounting server profile or the No RADIUS option. If No RADIUS is selected, then no RADIUS accounting messages will be sent for clients connecting to this ESSID profile. For more information, see the security chapter RADIUS Accounting for Clients.
In the Accounting Interim Interval (seconds) field, type the time (in seconds) that elapses between accounting information updates for RADIUS authentication. If a RADIUS accounting server is enabled, the controller sends an interim accounting record to the RADIUS server at the interval specified. Accounting records are only sent to the RADIUS server for clients that authenticate using 802.1x. The interval can be from 60 through 36,000 seconds (10 minutes through 10 hours). The default value is 3,600 seconds (1 hour). For more information, see the security chapter RADIUS Accounting for Clients.
Beacon Interval sets the rate at which beacons are transmitted. Setting the beacon interval to a higher value decreases the frequency of unicasts and broadcasts sent by the access point. If the power-save feature is enabled on clients that are connected to access points, clients “wake up” less if fewer unicasts and broadcasts are sent, which conserves the battery life for the clients. In the Beacon Interval field, type the interval (in ms) at which beacons are transmitted. The beacon interval must be between 20 through 1000 milliseconds. For AP400 and AP1000, beacon interval is a multiple of 20, from 20 to 1000ms. If your WLAN consists mostly of Wi-Fi phones, and you have a low number of ESSIDs configured (for example, one or two), Fortinet recommends setting the beacon interval to 100.

10.In the SSID Broadcast list, select one of the following:

On: SSID is included in the beacons transmitted.
Off: SSID is not included in the beacons transmitted. Also Probe Responses will are not sent in response to Probe Requests that do not specify an SSID.

11.In the Bridging area, check any of these bridging options: • AirFortress: FortressTech Layer 2 bridging and encryption with Fortress Technology AirFortress gateway. • IPv6: Configures bridging Internet version 6 addresses. IPv6 via tunneling mode has these limitations:

No dynamic VLAN
No multiple ESSID mapping to same VLAN
No support for IPv6 filtering
No IPv6 IGMP snooping

12.By default, access points that join the ESS profile and have the same channel form a Virtual Cell. In the New APs Join ESS profile list, select one of the following:

On: (default) Access points automatically join an ESS profile and are configured with its parameters.
Off: Prevents access points from automatically joining an ESS profile. The user is now allowed to add multiple interfaces on the ESS Profile screen. Perform the following steps to add multiple interfaces:
On the ESS Profile – Update screen select the New APs Join ESS profile as Off. This option prevents the APs from automatically joining an ESS profile.
Select the checkbox for an ESS profile and click the Settings button.
The ESS Profile – Update screen is displayed.
On the ESS Profile – Update screen, select the ESS-AP Table tab.
The ESS-AP Configuration screen is displayed. No information is displayed on the ESS-AP Configuration screen.
On the ESS-AP Configuration screen, click the Add button.
The ESS-AP Configuration – Add screen is displayed. Here, the user is now allowed to add multiple interfaces on the ESS Profile screen.
Click OK.
The selected interfaces are now displayed on the ESS-AP Configuration screen.

13.In the Tunnel Interface Type, select one of the following:

No Tunnel: No tunnel is associated with this ESS profile.
Configured VLAN Only: Only a configured VLAN listed in the following VLAN Name list is associated with this ESS profile. If you select this option, go to Step 13. RADIUS VLAN Only: The VLAN is assigned by the RADIUS server via the RADIUS attribute Tunnel Id. Use RADIUS VLAN Only when clients authenticate via 802.1x/WPA/ WPA2 or MAC Filtering.
RADIUS and Configured VLAN: Both a configured VLAN and RADIUS VLAN are associated with this ESS profile. If you select this option, proceed to Step 15.
GRE: Specifies a GRE Tunnel configuration If you select this option, go to Step 14. For details, see the security chapter Configure GRE Tunnels.

14.If you selected Configured VLAN Only in Step 12, select a VLAN from the list to associate with this ESS profile.

15.If you selected GRE for Tunnel Interface Type, select the name of a GRE Tunnel profile previously configured in the Configuration > Wired > GRE area. For GRE to work, DHCP relay must be enabled either locally or globally.

16.In the Allow Multicast Flag list, optionally enable multicasting (on). Only enable multicasting if you need to use a multicast application. Enabling multicasting causes all multicast packets on the air side to appear on the wired side, and all multicast packets on the wired side to appear on the air side. Also see “Multicast” on page 163 in this chapter. • On: Enables multicasting. Enable multicasting only if you need to use a multicast application. Enabling multicasting causes all multicast packets on the air side to appear on the wired side, and all multicast packets on the wired side to appear on the air side.

Off: Disables multicasting.

17.Isolate Wireless to Wireless Traffic can be used to prevent two wireless stations operating on the same L2 domain from communicating directly with each other. This is not a common requirement, but can be necessary for some security policies. Set the option to On if your network requires this.

18.In the Multicast-to-Unicast Conversion, select one of the following: • On: Enables multicast-to-unicast conversion. Enabling this conversion allows multicast packets to be converted to unicast packets and deliver it all the clients.

Off: Disables multicast-to-unicast conversion.The multicast packets will be delivered as multicast packets to the clients.

19.The RF Virtualization Mode drop-down in the ESS Configuration page allows the user to specify the type of virtualization used by the specified ESS profile. The option for selections are as follows:

Virtual Cell: This is the default setting for all APs except AP400 models.
Virtual Port: This is the default setting for AP400 models.
Native Cell: This option disables virtualization on the ESS.

RF-Mode

Channel Width

N-only Mode

Channel and MIMO mode

20.If the APs are any AP400 model, you can make this ESS an “overflow” ESS by selecting a Virtual Cell ESS for the Overflow for: setting. This means that when the named Virtual Cell ESS (that was created earlier) maxes out, it will overflow into this non-Virtual Cell ESS.

This works by having the two ESS Profiles share an SSID so they can seamlessly move clients back and forth as needed. For more explanation, see “Virtual Cell Overflow Feature” on page 157.

21.In release 5.1, WMM configuration in the ESSID has no effect. However, in order to enable or disable APSD features across APs, the WMM parameter must be set to on. For more information, see “Supported WMM Features” on page 156.

22.For APSD support, select on or off. APSD stands for Advanced WMM Power Save and is supported AP400/AP1000. For more explanation, see “Supported WMM Features” on page 156.

On: Data packets for powersave mode clients are buffered and delivered based on the trigger provided by the client. This feature saves more power and provides longer lifetime for batteries than the legacy power save mode (TIM method). Note that you must haveWMM set to on for this to work – see previous step. Off: No APSD support.

23.DTIM affects clients in power save mode. In the DTIM Period field, type the number of beacon intervals that elapse before broadcast and multicast frames stored in buffers are sent. This value is transmitted in the DTIM period field of beacon frames.

The DTIM period can be a value from 1 through 255. The default DTIM period is 1. Setting the DTIM period to a higher value decreases the frequency of broadcasts sent by the access point. If power save is enabled on clients that are connected to access points, clients “wake up” less if fewer broadcasts are sent, which conserves battery life for the clients.

Only the behavior of clients currently in power-save mode is affected by the DTIM period value. Because broadcasts are generally wasteful of air resources, the Forti WLAN has devised mechanisms that mitigate broadcasts either with proxy services or with more efficient, limited unicasts. As an example, ARP Layer 2 broadcasts received by the wired side are not relayed to all wireless clients. Instead, the Forti WLC maintains a list of IPMAC address mappings for all wireless clients and replies with proxy-ARP on behalf of the client.

24.In the Dataplane Mode list, select the type of AP/Controller configuration: • Tunneled: (default) In tunneled mode, a controller and an AP1000 are connected with a data tunnel so that data and control packets from a mobile station are tunneled to the controller from the AP and vice versa.

Bridged: (Bridged mode was formerly Remote AP mode.) In bridged mode, data packets are not passed between AP and the controller; only control plane packets are passed. When bridged mode is configured, an AP can be installed and managed at a location separated from the controller by a WAN or ISP, for example at a satellite office. The controller monitors the remote APs through a keep-alive signal. Remote APs can exchange control information with the controller, including authentication and accounting information, but they are unable to exchange data. Remote APs can, however, exchange data with other APs within their subnet. ESSIDs in bridged mode cannot exchange dataplane traffic (including DHCP) with the controller and the following FortiWLC (SD) features are not available in a bridged configuration: Rate Limiting, and QoS

(and all QoS-related features). For more explanation, see “Bridging Versus Tunneling”

on page 159 in this chapter.

A VLAN tag can be configured for a Bridged mode profile (see Step 29 below) and then multiple profiles can be associated to that VLAN tag. The AP VLAN priority can be set in Step 26 below.

25.Provide an AP VLAN tag between zero and 4094. This VLAN tag value is configured in the controller VLAN profile and is used for tagging client traffic for ESSIDs with dataplane mode bridged, using 802.1q VLAN. This field indicates whether an AP needs to map incoming VLAN 802.1p data packets into WMM ACs or not. By default in a bridged ESS, this field is disabled and an AP always honors DSCP field in IPV4 packet to map an incoming packet to one of WMM ACs. When turned on, an AP honors VLAN 802.1p priority over DSCP priority when the packet is mapped into one of WMM ACs.

26.To Enable VLAN Priority, set this field to On.

On: AP disregards the DSCP value in the IP header of a packet.
Off: AP honors the DSCP values in the IP header of a packet. AP converts the DSCP value in the IP header to appropriate WMM queues. This feature works only for downstream packets and only for an ESSID with dataplane mode set to bridged.

27.For Countermeasure, select when to enable or disable MIC Countermeasures: • On: (default) Countermeasures are helpful if an AP encounters two consecutive MIC errors from the same client within a 60 second period. The AP will disassociate all clients from the ESSID where the errors originated and not allow any clients to connect for 60 seconds. This prevents an MIC attack.

Off: Countermeasures should only be turned off temporarily while the network administrator identifies and then resolves the source of a MIC error.

28.In the Enable Multicast MAC Transparency field, indicate on or off. For more explanation, see “Multicast MAC Transparency Feature” on page 164 in this chapter.

On: All downstream multicast packets will have the MAC address of the streaming station.
Off: (default) All downstream multicast packets will have the MAC address of the controller.

29.Band steering balances multi-band capable clients on AP1000 by assigning bands to clients based on their capabilities. To use band steering for ABGN traffic, you could use Asteering to direct dual mode clients with A capability to the 5GHz band and use N-steering to direct all dual mode clients with AN capability to the 5GHz band. Band steering is also useful for directing multicast traffic. For this command to work as clients are added, also set the field New APs Join ESS to on. For more explanation, see “Band Steering Feature” on page 165 in this chapter.Band Steering Mode options are:

Band Steering Disabled
Band Steering to A band: Infrastructure attempts to steer all A-Capable wireless clients to the 5GHz band when they connect to this ESS.

Band Steering to N band: Infrastructure attempts to steer all N-Capable wireless client that are also A-Capable to the 5GHz band when they connect to this ESS. Infrastructure also attempts to steer non N-Capable wireless clients to the 2.4GHz band.

30.Band Steering Timeout sets the number of seconds that assignment for a steered client is blocked on the forbidden band while it is unassociated. For this command to work, also set the field Band Steering to A-band or N-band (see above). Band Steering Timeout can be any integer from 1-65535.

31.Expedited Forward Override option is implemented to override the system’s default DSCP-to-WMM priority mapping. IP datagrams marked with DSCP Expedited Forwarding (46) will be sent from the WMM queue (AC_VO) of the AP rather than the Video queue (AC_VI) in downstream (to stations). It is configured on a per-ESS Profile basis and works in both bridged and tunneled ESS profiles. For configuration, see “Expedited Forward Override” on page 168 in this chapter.

32.SSID Broadcast Preference is specific to address the CISCO phone connectivity issues. It consists of three options as follows:

Disable: Configuring the parameter to “Disable” makes the AP not to advertise the SSID string in the beacon.
Always: Configuring the parameter to “Always” enables the AP to advertise the SSID on the beacons always. This must not be configured unless recommended.
Till-Association: This is the default option. Configuring the parameter to “Till-Association” enables the AP to advertise the SSID in the beacons till association stage of the client and disable the SSID broadcast in the later part of connectivity. This parameter is preferable to configure for the certain version of phones which will resolves the connectivity issues with the Vport ON. Once station associated, the AP will stop broadcasting SSID string. Here the users are allowed to configure SSID broadcast for VPort parameter from controller GUI per ESS basis in addition to AP CLI. For configuration, see “SSID Broadcast for Vport” on page 170 in this chapter. By default, this option is selected.

33.For the remaining Supported and Base Transmit Rates for B, A, G, and BG modes, enable or disable rates as needed.

34.Click OK.

If Ascom i75 phones are used to connect to WPA2PSK profile with VCell enabled, then create an ESSID with all BGN Supported HT Transmit rates unchecked (set to none).

Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

FortiWLC – Configuring an ESS

Leave a reply

Configuring an ESS

A basic service set (BSS) is the basic building block of an IEEE 802.11 wireless LAN; one access point together with all associated clients is called a BSS. An AP acquires its clients by broadcasting its name (SSID) which is picked up by clients within range. Clients can then respond, establishing a connection. It is legitimate for multiple access points to share the same SSID if they provide access to the same network as part of an Extended Service Set (ESS). You can establish different kinds of ESS for different situations such as:

a VLAN that supports multiple access points per ESS.
several different ESS on one physical access point.
a VLAN for each ESS to separate network traffic. You can also specify that a VLAN be shared between multiple ESS.
an ESS that supports just one person.
an ESS for a remote AP, such as in a branch office. That AP can additionally support ESSs for local traffic.

The Wireless LAN System also allows you to customize a beacon per ESS to support different access point settings, such as base or supported transmit rates, different BSSs, different beacon intervals, and different DTIM periods. This beacon customization allows service customization for each ESS, as well as more flexibility in supporting different clients and services.

ESS profiles for a controller can also be configured from E(z)RF Network Manager. You can tell where an ESS was configured by checking the read-only field Owner. The Owner is either nms-server or controller. AP1000 can simultaneously support an ESS with Virtual cell and another ESS without Virtual Cell.

FortiWLC – Beacon Services

Leave a reply

Beacon Services

Fortinet Beacon Services use iBeacon to allow mobile application (iOS and Android devices) to receive signals from beacons in the physical world to deliver hyper-contextual content to users based on location. Bluetooth Low Energy (BLE) is the wireless personal area network technology used for transmitting data over short distances. Broadly, the Beacon Service requires a Bluetooth based iBeacon device to broadcast signals and a mobile application to receive these signals once it comes in the configured proximity. You can now create multiple Beacon Service profiles and map APs to a specific profile.

The Beacon services are available by default in FAP U421EV, FAP U423EV, FAP U321EV and FAP U323EV. For other non-wave2 APs, you will need Bluetooth adapters (For example: Broadcom USB Class 2 Bluetooth 4.0 Dongle, CSR 4.0 Bluetooth Dongle and Iogear Bluetooth 4.0 USB Micro Adapter GBU521). Ensure that Bluetooth adapters support Bluetooth version 4.0 or above.

Note:

Wave 1 APs must be connected to 802.3at power supply.

You can perform the following operations to manage the Beacon Services. Navigate to Configuration > Devices > Beacon Services.

Adding Beacon Services Profiles

This option allows you to add a Beacon Service. You can create multiple Beacon Service profiles and also map APs to a specific profile.

APs part of a profile send iBeacons that will help advertise hyperlocal content to users in context to their location.

Beacon Services

Update the following fields.

BLE Profile – Unique name for this Beacon Service profile. The supported range is 1-64 alphanumeric characters.

Advertise BLE Beacon – Enables the BLE beacons to advertise packets received by devices. These packets determine the location of the device with respect to the Beacon.

BLE Format – BLE Format – Select ibeacon as a BLE Format.

Beaconing Interval (ms) – Select the time interval at which the Beacons transmit signals to associated devices, that is, this sets the rate at which beacons advertise packets. Setting the beacon interval to a higher value decreases the frequency of unicasts and broadcasts sent by the AP. The supported range is 100-1000 milliseconds.

Universal Unique Identifier (UUID) – Click Generate UUID, to receive a UUID that is specific to the beacon. The purpose of the ID is to distinguish iBeacons in your network from all other beacons in other networks not monitored by you.

Major Number – This number is assigned to some beacons in a network and is used to distinguish this subset of beacons within a larger group of beacons. For example, beacons within a particular geographic area can have the same major number. The supported range is 0 to 65535.

Minor Number – This number is assigned to identify individual beacons. For example, each beacon in a group of beacons with the same major number, will have a unique minor number. The supported range is 0 to 65535.

Power Level – Select a power level for the beacon’s transmit signal. The higher the power the greater will be the range of your signal. This is measured in dBM (Decibel-Milliwatts). The supported range is 0(-29 dBm) to 15(4dBm).

Exporting Beacon Services Profiles

You can export the existing Beacon profiles into your local drive.

Importing Beacon Services Profiles

You can load Beacon Services profiles by importing files (*.csv) from your local drive.

Click Import and browse to the saved *.csv template file.

Beacon Services

Adding APs to the Beacon Service Profile

Click the edit icon to view the service profile details. Beacon Services – Update page is displayed to make changes to the service profile.

Click the Add option to start adding APs to the service profile. By default this page shows the list of APs added to the service profile.

You can add multiple APs to a service profile.
An AP can be mapped to only one service profile at a time.

Editing Beacon Services Profiles

Select the Beacon Services profile and click Edit to edit the values for an existing profile.

Beacon Services

Deleting Beacon Services Profiles

Select the Beacon Services profile and click Delete in the Action column to delete the profile.

Beacon Services

FortiWLC – Device Fingerprinting

Leave a reply

Device Fingerprinting

Device fingerprinting allows collection of various attributes about a device connecting to your network. The collected attributes can fully or partially identify individual devices, including the client’s OS, device type, and browser being used.

Device Fingerprinting can provide more information for the station and allows system administrators to be more aware of the types of devices in use and take necessary actions. You can view the details of the devices via Monitor > Dashboard. You can import, export, add, delete, or restore the devices using the fingerprint command and the show fingerprints command displays the device fingerprints stored in the system. See Command Reference Guide for more information on the CLI commands.

Configuration Using WebUI

Configuration > Devices > Device Fingerprint

By default, this page lists the configured device OS types that can be monitored.

Device Fingerprinting

Adding a New Device OS

To add a new device OS type, click the ADD button and enter the device name and the associated hexadecimal characters (starting with 37 or 3c) and then click SAVE to add this device to the list.

Modifying an Existing Device OS

To modify an existing entry, select the checkbox for that entry and click the EDIT button. Make the required changes in the pop up box and click the SAVE button.

Device Fingerprinting

Export Device OS Details

To export the existing list of devices to another controller, click the checkbox in the column header to select all entries. Then click the EXPORT button to create a text file with the entries.

Import New Device OS Details

To import new entries, click the IMPORT button and browse the location with the text file. Then click the SAVE button to add the new list.

Configuration Using CLI

The CLI command fingerprint has the following options:

default(15)(config)# fingerprint ?

add (10) Adds description and hexadecimal characters. delete (10) Deletes description and hexadecimal characters. export (10) Adds description and hexadecimal characters. import (10) Adds description and hexadecimal characters. restore (10) Restores configuration file.

add – To add new device OS type
delete – Remove an existing device OS type
import – Specify the filename to import device OS types. The file must be available in /opt/ meru/images folder.
export – To export the current list of device OS types. The exported file is stored as a .txt file in /opt/meru/images directory

Device Fingerprinting

FortiWLC – RF Interferer Classification

Leave a reply

RF Interferer Classification

Wi-Fi networks operate in the unlicensed 2.4 and 5 GHz frequency bands, where they share a medium with a variety of other devices. With the exception of Bluetooth devices, none of the other devices have any mechanisms to co-exist with Wi-Fi networks. As a result, when an interfering device is emitting energy in the WLAN channel the WLAN Access Point is used for communication, the throughput of the AP can be significantly affected.

Spectrum detects all non-802.11 interference devices, especially the devices mentioned in the below list:

Microwave ovens (conventional)
Microwave ovens (inverter)
Motorola Canopy Wireless
Non-Wifi Wireless Bridges
Wireless video cameras (digital and analog)
Analog cordless phones (2.4GHz and 5GHz)
FHSS cordless phones (2.4GHz and 5GHz)
DSSS cordless phones (2.4GHz and 5GHz)
Bluetooth devices
Wireless baby monitors
Game Controllers
RF Jammers (both narrowband and wideband)
Wireless mice
Zigbee devices
Motion Detectors (S-band, radar-based)

In addition to the above mentioned devices, the RF Jamming devices also exist. The RF Jamming devices can be used to intentionally interfere with wireless communications. Although, these devices are considered to be illegal in the US and elsewhere, they provide performance and security issues to WLANs.

Wireless LANs based on the IEEE 802.11 standards, function in the unlicensed 2.4 and 5 GHz frequency bands. Other devices emitting radio-frequency energy in these bands can interfere with WLAN transmissions. The “Radio frequency characteristics for the interferer devices listed below” on page 126 lists some common RF interferer and their RF characteristics.

Radio frequency characteristics for the interferer devices

The Radio frequency characteristics for the interferer devices are listed below:

From the deployment perspective, the Spectrum coverage not only depends upon its sensor (receiver sensitivity), but also depends upon the interference devices transmit power (or signal strength). We cannot place the sensors far away and expect the very low signal strength interference device packets to reach the sensor.

Theoretically, lower the signal strength of the interference devices more sensors must be packed to catch those devices.

The “Sensors” on page 123 (“Software Sensors” on page 123 and “Hardware Sensors” on page 123) must be installed at least six feet away from a servicing AP. Having it closer affects the accuracy of interference classification.

The servicing APs must not be installed very close to PSM3x, as the false events (Analog Cordless Phones, etc.,) may be detected by PSM3x sensor due to the EMI (Electromagnetic Interference) emitted near by APs.

For Example:

Bluetooth has 2.2 dBm transmit power, for which the sensors must be placed closer in the given site, for it to be captured. So, the signal strength of interference devices is inversely proportional to the sensors coverage area.

Also the sensor coverage area is proportional to the receiver sensitivity. More the receiver sensitivity (which can be obtained with higher gain antennas) the sensors can be more sparsely distributed compared to the above example.

The conclusion is, the coverage area of the sensor depends upon the lowest signal strength of the interference device to be detected and depends upon the receiver sensitivity of the sensor. More the signal strength of the interference device and more the receiver sensitivity, the sensors will have more coverage and vice versa. Assuming the above considerable factors the predictable coverage can be identified with the following table, which has a specified interference transmit power. So it’s the administrator or the user environment the deployment for the sensors can be predicted.

TABLE 9: Radio frequency characteristics for the interferer devices listed below

Interferer Device	Frequency Range	Transmit Power	Modulation	# Communication Channels Supported	Width	Features
Bluetooth	2402-2480 MHz	2.2 dBm	GFSK, FHSS	79	1 MHz	Pulsed, low-power
Analog Cordless Phone	2403-2480 MHz	NA	Narrow Band FM	40	~300 kHz	Narrow Band FM
DSSS Digital Cordless Phone	2407.5-2472 MHz	20 dBm	DSSS	40	1.5 MHz	Highpower, duty Factor
FHSS Digital Cordless Phone	2408.5-2472 MHz	21 dBm	FHSS	90	892 kHz	Pulsed, high-power
Conventional Microwave Oven	2.4 GHz	800W	N/A	N/A	N/A	Pulsed, broadband
Inverter Microwave	2.4 GHz	1300W	N/A	N/A	N/A	Pulsed, broadband
Wireless Video Camera	2414 – 2468 MHz	10 dBm	Frequency Modulation (FM)	4	N/A	Broadband, highpower
Digital Video Monitor	2402 – 2483 MHz	20 dBm	FHSS	27	2MHz	Highpower, frequency hopping
Game Con- troller	2402 – 2482 MHz	N/A	FHSS	40	500kHz	Pulsed, low-power, Frequency hopping

RF Interferer Detection

With the WLANs supporting critical applications such as voice and video communications, monitoring and management of RF interference becomes a security imperative. Interference can be from an intentional, malicious interferer such as an RF jammer or from an unintentional source such as a cordless phone in a nearby location. In either case, the ability of the WLAN to support the real-time communication required by these applications can be severely compromised by the RF interference. WLANs must be able to continuously detect the interferer in the RF environment for these security issues and trigger alerts to network administrators.

The Sensors which are listed in the Event Log page provides the interference event information.

Figure 32 on page 127 illustrates the sensors listed on the Event Log screen.

Figure 32: Sensors listed on the Event Log screen

Each interferer device signal is treated as an interference event and is detected by the following parameters:

Event Subtype (Type of interferer)
Signal Strength (Current/ Average / Maximum) dBm
Affected Channel(s) (Impact will be on the channels listed)
Center frequency
Duration (how long the inference event was seen)
Start Time (At what time the interference event started)
Stop Time (At what time the interference event stopped)

The active Interference event is highlighted in bold font and a red dot.

The event which is not alive at the moment will be grayed out as shown in the

The RF Interferer classification is detected by the following parameters

Channel
Signal Strength

Interferer can be detected,

By opting to filter, for only on that channel.
Interferer fading into the 2.4GHz and the 5GHz spectrum by varying its signal strength which is detected by opting to filter the signal strength ranging from >=- 10 dBm to >=110 dBm
By Specific interferer devices.

Interferer on all channels, in the range of signal strength and also on all types of Interferer devices can also be filtered by opting “All”.

Historical Spectrum dashboard Analysis

Spectrum Manager provides historical spectrum data for analysis. The impact on the interferer devices can be determined with the data available from the past with the tentative date and time. Interference events caused by the interferer devices are stored in the Spectrum Manager database for future analysis. A history of interference events for one year is maintained.

Event logs

The triggered events from the particular sensor are consolidated, captured and displayed in the Event Log screen as displayed in Figure 146 on page 351.

Time-based Analysis

The Spectrum events are the time-based triggered events, for which the “Start and Stop time” is not provided. It must display the dashboard for the current interference activity. Ensure the “Earliest Time possible in Start time and Use current time in Stop time” check box is checked, to view the dashboard for real time display.

Proactive Spectrum Manager

Proactive Spectrum Manager, designed for single channel deployment, takes a top-level view into the channel spectrum, then recommends the best channels) for network operation. The PSM dashboard presents a goodness value for all channels and recommended channels of operation for the network using a chart with green (good) and red (don’t use) bars.

Configure Proactive Dashboard Manager Using the Web UI

Use the dashboard to see the channel goodness over the spectrum and best available channels for 20MHz or channel-bonded (40MHz) operation on the 2.4 and 5GHz bands. The spectrum shows bar chart goodness values for all 20MHz and 40MHz channels. The higher the bar, the better the channel is. If the color of the bar is grey, no observation on that channel has taken place.

You have two PSM options, View and Evaluate.

View is enabled on all channels by default. View mode monitors interference, such as rogues, and displays recommendations for channel use. If you see solid green bands on every channel in the charts, either only View is enabled or Evaluate is also enabled and there are no rogues on any channels.
Evaluate is disabled on all channels by default. If you enable Evaluate mode on the channels, then PSM will manage the use of those channels by moving devices away from channels with a specified amount of rogue activity. To enable Evaluate:

Click Monitor > Spectrum Manager > PSM.
Click Evaluate at the top of the screen.

Optionally, select one of the options from the Evaluate drop-down list:

View turns on rogue detection, does an immediate scan, turns off rogue detection, and then displays the results.

One Time Adapt turns on rogue detection, does a scan, turns off rogue detection, and then moves stations to recommended channels immediately

Periodic Adapt repeats at the interval you set in the minutes value. Every x minutes, it turns on rogue detection, does a scan, turns off rogue detection, and then moves stations to recommended channels immediately.

Optionally change the Evaluation Time from 120 seconds to a value of 5 – 300 seconds. Evaluation affects rogue scanning (turns it on for Evaluation Time seconds) and optionally changes channels.
Optionally change the Threshold from 25 to a value of 1 – 100 rogues. Threshold indicates a delta in goodness value between current and recommended channel that triggers a change of channel. Non-zero threshold applies to periodic adaptation.
Optionally change the Adaption Interval from 30 to a value of either zero or 5 – 10080 seconds. (The values 1-4 seconds are not supported.) The adaptation interval determines how often channels can be automatically changed for this controller.
Click Start Wizard.
Confirm by clicking OK twice.

Click Graph Help to see what the chart colors mean. Click Details on either chart to see numeric values for the green bars in the charts. A summary of rogue scanning parameters is presented at the bottom of the screen. Also, the adaptation period of a periodic adaptation is shown if one is running. The view automatically refreshes every minute.

If rogue detection is not enabled on the network, PSM turns it on when needed for evaluate mode, then turns it back off. For example, if you use the option One Time Adapt, PSM turns on rogue detection, does a scan and then moves stations to recommended channels immediately. This overwrites the running config and reboots the APs (save it to make it permanent).

Blacklisted channels are never recommended. RS4000 and mesh radios are not supported. The more non-Fortinet equipment on a channel, the lower the recommendation will be to use that channel. Do not use this feature with a multichannel configuration.

Configure Proactive Dashboard Manager Using the CLI

The CLI command for Proactive Dashboard Manager is proactive-spectrum-manager evaluate. This is an example:

mg‐mc2# proactive‐spectrum‐manager evaluate

** Attention: Stations may be disconnected in this evaluation **

Are you absolutely sure [yes/No]? yes

Evaluation time [120s]? 10

View or Adapt [View/adapt]? adapt

Adaptation period [0] min (5‐10080)? 0

FortiWLC – Control Panels

Leave a reply

Control Panels

The Control Panels are displayed towards the left of the Dashboard screen.

The following table depicts the various Control Panel tabs available on the Monitor Console screen:

“Sensors Filter” on page 112
“Advanced Filter” on page 114
“Interference” on page 115
“Display Settings” on page 116

Sensors Filter

The Sensors Filter enables to filter the information to be displayed on the screen by selecting a sensor under sensor hierarchy. Perform the following steps to configure the Sensors filter:

Select the Sensors Filter A list of sensors deployed is displayed.
Select a sensor in Sensor hierarchy and click on Filter selected Group/sensor. The following changes also occur:
The selected sensor is displayed on Trend Graph, Interferer Type and Affected Channels sections of the Dashboard
The Event Log details are updated with selected sensor in Event Log
The Sensors Filter tab displays the following two sections:
“Sensors Hierarchy” on page 112
“Group Information” on page 112

Sensors Hierarchy

The Sensors Hierarchy section displays the sensors hierarchically belonging to the controller.

Group Information

The Group Information section provides the details of the selected Enterprise, Campus, Building, Floor and AP.

The following details for the selected Enterprise, Campus, Building, Floor and AP are displayed:
Name – Displays the name of the sensor.
Description – Displays the MAC address of the sensor.
IP Address – Displays the IP address of the sensor
Status – Displays the connection status of the sensor.
Select an Enterprise, Campus, Building, Floor or AP from the above Sensors Hierarchy
Select the Filter Selected Group/Sensor
The graph for the selected sensor is displayed on Trend Graph, Interferer Type and Affected Channels sections of the Dashboard

The Sensors Filter tab is enabled only in the below mentioned tabs:

Dashboard
Event Log

Time Filter

The Time Filter enables to configure the screen to display information over a period of time.

This can be performed by configuring the Start Time and Stop Time parameters on the page.

Perform the below actions to configure the Time Filter:

Select the Time Filter
The Time Filter tab displays the following two sections:
“Start Time” on page 113
“Stop Time” on page 113

Start Time

Select the option Earliest Time Possible. The system fetches the data available for the earliest possible time.
Uncheck the Earliest Time Possible option to select the Start Time.
From the Time option, select the time from the drop-down list. The format followed is hh:mm:ss
From the Date option, select the calendar icon to select the Month, Date and Year. The format followed is the mm/dd/yyyy.

Stop Time

Select the option Use Current Time. The system applies the current time.
Uncheck the Use Current Time option to select the Stop Time.
From the Time option, select the time from the drop-down list. The format followed is hh:mm:ss
From the Date option, select the calendar icon to select the Month, Date and Year. The format followed is the mm/dd/yyyy.
Select Apply Time Filter
The Time Filter is applied to the Trend Graph, Interferer Type and Affected Channels sections of the Dashboard

The Time Filter tab is applied and enabled to the below mentioned tabs:

Dashboard
Event Log

Advanced Filter

The Advanced Filter option enables to configure the information to be displayed on the screen by choosing the following available filters:

Channel Filter
This filter enables you to filter the information based on the available channels.
Select the desired channel from the Channel
Select Apply Filter. The Channel Filter is applied to the Dashboard screen and the Event Log
RSSI Filter
This filter depicts the signal strength of the Interferer device.
Select the desired RSSI value from the RSSI Filter The values displayed are in dBm.
Select Apply Filter. The RSSI Filter is applied to the Dashboard screen and the Event Log
Interferer Type
This filter depicts the Interferer Type.
A list of Interferer Type options is available for selection.
Select the desired Interferer Type.
Select Apply Filter. The Interferer Type filter is applied to the Dashboard
Event Log Type
This filter depicts the Event Log Type (Alert Event or Interferer Log Event).
A list of Interferer Log Events and Alert Event options is available for selection in the Event log
Select the desired Event Log Type and select desired Event Subtype.
Select Apply Filter. The Event Log Type/Subtype filter is applied to the Event Log

Interference

The Interference section displays the following:

Start Time: This is the Start Time of the interference and interference type.
Add Note: The Add Note icon enables to add a note.

The Notes section is enabled only on the completion of manual recording. The Notes section displays the following:

Delete Note – The Delete Note icon enables to delete a note.

Timestamps – The Timestamp is used to adjust the Current Recording playback time to the Time stamp of the note.

The Interference and Notes option is displayed on the following tabs:

Channel Availability
Channel Utilization
Spectrogram
Equalizer
Persistence

Display Settings

The Display Settings option enables to configure the information to be displayed on the following screens:

Event Log
Channel Availability
Channel Utilization
Spectrogram
Equalizer
Persistence

Event Log – Display Settings

Perform the following actions to select the columns to be displayed on the Event Log screen:

Select the Event Log The Event Log screen is displayed.
Select the Display Settings
Select the desired columns to be displayed.
The selected columns are displayed on the Event Log

Channel Availability – Display Settings

Perform the following actions to modify the graphical display of the Channel Availability screen:

Select the Channel Availability The Channel Availability screen is displayed.
Select the Display Settings (Figure 27 on page 117 illustrates the Channel Availability screen of the Display Settings.)
The Chart Settings option is displayed.

Figure 27: Display Settings – Channel Availability

Select the Frequencies from the drop-down list to view the Channel Quality and Channel Utilization on the respective channels. The Display Frequency can be set to scan the 4 GHz frequency band, the 5 GHz frequency band or both.
Select the Combine Utilization This enables the Channel Utilization graph (which is in channel quality) to combine the Non-Wireless LAN Interference and Wireless LAN Interference.

Channel Utilization – Display Settings

Perform the following actions to modify the graphical display of the Channel Availability screen:

Select the Channel Utilization The Channel Utilization screen is displayed.
Select the Display Settings
The following sections are displayed: (Figure 28 on page 118 illustrates the Channel Utilization screen of the Display Settings.)
“Timescale settings ” on page 117
“Channel selection settings” on page 117

Timescale settings

Select the Time Span. The valid range is between 2 min – 120 min.
Select the Time Units. The Time Units allows you to select the Elapsed Time or Actual Time.

Channel selection settings

Select the Frequency Band from the drop-down list.

The Select All option enables to display all the WLAN Channel Utilization. Figure 28: Display Settings – Channel Utilization

Spectrogram – Display Settings

The Spectrogram – Display Settings provides the following options:

Data
- Select the Data The Data option allows you to select the Instantaneous data or Peak data.
Time Span
- Select the Time Span. The Time Span ranges between Long – Short.
Axis
- Select the Axis The Axis is configured based on Frequency and Wi-Fi Channels.

Frequency: This option displays the graph based on the frequency.

Wi-Fi Channels: This option displays the graph based on the Wi-Fi Channels. Select the WiFi Channels option, the following parameters are displayed:

Highlight Channel: Check the Highlight Channel option, to highlight a channel when the channel in the x-axis is being mouse-over.
Wi-Fi Channel Width: Select the Wi-Fi Channel Width from the drop-down list. This sets the channel width for the spectrogram to display. Select any one option from the drop-down list.

The options are 20Mhz, 20Mhz+Upper 20 Mhz and 20Mhz+Lower 20 Mhz.

Band

Select one option from the Band
The Spectrogram for the respective bands can be set by selecting one of the options from the drop-down list.
The options is 4GHz, 5GHz (Lower) and 5GHz (Upper).

Overlay Interference – This option highlights the spectrum activity for a particular interferer.

For Example: In the scenario where more interference events are noticed and if the particular interferer is to be viewed, then the overlay for that interferer device can be checked.

(Figure 29 on page 119 illustrates the Spectrogram screen of the Display Settings.)

Figure 29: Display Settings – Spectrogram

Markers

Select the Spectrogram The Spectrogram screen is displayed.
Select the Display Settings
Select the Markers
The markers can be used to visually mark a Frequency on the Spectrogram
Check a marker in the Markers section, the marker appears on the Spectrogram
Select the marker on the display to move it to the desired frequency to visually mark off.

Equalizer – Display Settings

The Equalizer – Display Settings provides the following options:

Persistence

Select the Persistence
Setting Persistence, allows us to study the timed trends in the graph. Increasing the persistence of the display increases the amount of time that samples are retained and displayed allowing us to study variations over time. This can be set in the bar on the display settings from Zero to

Figure 30 on page 121 illustrates the Equalizer screen of the Display Settings.

Axis

Select the Axis The Axis is configured based on Frequency and Wi-Fi Channels.
Frequency: This option displays the graph based on the frequency.
Wi-Fi Channels: This option displays the graph based on the Wi-Fi Channels. Select the Wi-Fi Channels option, the following parameters are displayed:
Highlight Channel: Check the Highlight Channel option, to highlight a channel when the channel in the x-axis is being mouse-over.
Wi-Fi Channel Width: Select the Wi-Fi Channel Width from the drop-down list. This sets the channel width for the spectrogram to display. Select any one option from the drop-down list. The options are 20Mhz, 20Mhz+Upper 20 Mhz and 20Mhz+Lower 20 Mhz.

Band

Select one option from the Band
The Equalizer for the respective bands can be set by selecting one of the options from the drop-down list.
The options is 4GHz, 5GHz (Lower) and 5GHz (Upper).

Figure 30: Display Settings – Equalizer

Markers

Select the Equalizer The Equalizer screen is displayed.
Select the Display Settings
Select the Markers
The markers can be used to visually mark a Frequency on the Equalizer
Check a marker in the Markers section, the marker appears on the Equalizer
Select the marker on the display to move it to the desired frequency to visually mark off.

Persistence – Display Settings

The Persistence Settings provides the following options:

Persistence

Select the Persistence range.
Setting Persistence, allows us to study the timed trends in the graph. Increasing the Persistence of the display increases the amount of time that samples are retained and displayed allowing us to study variations over time. This can be set in the bar on the display settings from Zero to

Figure 31 on page 122 illustrates the Persistence screen of the Display Settings.

Axis

Select the Axis
The Axis is configured based on Frequency and Wi-Fi Channels.
Frequency: This option displays the graph based on the frequency.
Wi-Fi Channels: This option displays the graph based on the Wi-Fi Channels. Select the Wi-Fi Channels option, the following parameters are displayed:

Highlight Channel: Check the Highlight Channel option, to highlight a channel when the channel in the x-axis is being mouse-over.

Wi-Fi Channel Width: Select the Wi-Fi Channel Width from the drop-down list. This sets the channel width for the spectrogram to display. Select any one option from the drop-down list.

The options are 20Mhz, 20Mhz+Upper 20 Mhz and 20Mhz+Lower 20 Mhz.

Band:

Select one option from the Band
The Equalizer for the respective bands can be set by selecting one of the options from the drop-down list.
The options is 4GHz, 5GHz (Lower) and 5GHz (Upper).

Figure 31: Display Settings – Persistence

Markers

Select the Persistence The Persistence screen is displayed.

Figure 31 on page 122 illustrates the Persistence screen of the Display Settings.

Select the Display Settings
Select the Markers The markers can be used to visually mark a Frequency on the Persistence plot.
Check a marker in the Markers section, the marker appears on the Persistence
Select the marker on the display to move it to the desired frequency to visually mark off.

Sensors

The Sensors are classified as follows:

Software Sensors

The software-based sensor is a normal AP with one Radio in ScanSpectrum Mode. Here, the AP mode can be modified from Service/Normal Mode to ScanSpectrum Mode.

Note:

The modification of AP mode from Service/Normal Mode to ScanSpectrum Mode can be performed only via the FortiWLC GUI or by pushing the AP template with Radio profile configured with the ScanSpectrum Mode from FortiWLM.
You can configure both radios of FAP-U421EV, FAP-U423EV, FAP-U321EV, FAP-U323EV sensors in ScanSpectrum Mode, which will make the radios to scan both the Radio spectrum for interference. For all the other Sensors, only single radio can be configured in ScanSpectrum Mode at a time.
No client service will be provided once Radios are configured in the ScanSpectrum

The Software Sensors include the following Access Points:

AP1014i
AP1010i
AP1010e
AP1020i
AP1020e
AP332i
AP332e
AP832i
AP832e
FAP-U421EV FAP-U423EV • FAP-U321EV
FAP-U323EV

Hardware Sensors

The Hardware-based sensors are completely dedicated to monitor the airwaves of the time. By having a dedicated subsystem, the sensor can classify and report on the type and source of interference almost instantly and without taking CPU resources away from the wireless radio. The Hardware Sensors include the following Access Points:

PSM3x
AP433is

FortiWLC – Spectrum Manager Dashboard

Leave a reply

Spectrum Manager Dashboard

The Spectrum Manager Dashboard screen presents the interference information gathered from various “Sensors” on page 123 (“Software Sensors” on page 123 and “Hardware Sensors” on page 123). It provides a graphical representation of the Interference devices activity in the 2.4Ghz and 5Ghz spectrum.

Figure 19 on page 102 illustrates the Spectrum Manager Dashboard screen.

Figure 19: Spectrum Manager Dashboard

The following table depicts the various sections displayed on the Dashboard screen.

Trend Graph

The Trend Graph plots the number of interference events observed over a period of time.

Interferer Type

The Interferer Type Graph is a pie chart divided by the different types of interferer observed in the set duration. The area of each sector is proportional to the percentage of the number of individual interference events from a particular type of interferer against the total number of interference events in the set duration.

Affected Channels

The Affected Channels Graph is a pie chart that plots the number of times, a particular channel was impacted due to an interference events. The area of each sector is proportional to the percentage of the number of events that impacted a particular channel against the total number of events.

Note: An interference event impacts multiple channels simultaneously.

The Dashboard screen provides various expandable control panels to filter database and modify display settings. For further information, refer to “Control Panels” on page 112 topic.

The Dashboard screen allows you to connect to the following other tabs:

“Event Log” on page 103
“Spectrum Manager – Channel Availability” on page 106
“Spectrum Manager – Channel Utilization” on page 107
“Spectrum Manager – Spectrogram” on page 108
“Spectrum Manager – Equalizer” on page 109
“Spectrum Manager – Persistence” on page 110

The above mentioned tabs from 3 to 7 are enabled only, by selecting the View live data from sensor option on the Event Log screen or it can be viewed through Show Spectrum Display of the selected sensor displayed on the Sensor’s page. For further information, refer to Spectrum Manager – Event Log screen.

Event Log

Spectrum Manager > Monitor > Dashboard > Event Log

The Spectrum Manager Event Log screen provides the detailed log information of the sensors.

Figure 20 on page 104 illustrates the Spectrum Manager Event Log screen.

Figure 20: Spectrum Manager – Event Log

The following table depicts the Event Information displayed on the Event Log screen:

Field		Description
Event ID		Displays the Event ID.
Event Type		Displays the type of Event.
Event Subtype		Displays the interference source name.
Sensor		Displays the name of the selected Sensor. The following options are available for selection: • View live data from sensor: This option allows you to read the live data from the Sensor. The below mentioned tabs are enabled by the selection of the View live data from sensor option. • Channel Availability • Channel Utilization • Spectrogram • Equalizer • Persistence The above mentioned tabs reveal data of the selected Sensor in their respective tabs. • Show interferer on map: Select the icon The E(z)RF Map Management screen is displayed, depicting the location of the interfering device on the Floor.
	Field		Description
	Group		Displays the sensor’s group.
	Signal Strength		Displays the Signal Strength of Interference with Min, Max, and Avg values in dBm.
	Channel Utilization		Displays the percentage of channel utilized by the interferer.
	Start Time		Displays the Start Time of the interference detected by the sensor.
	Stop Time		Displays the Stop Time of the interference detected by the sensor.
	Duration		Displays the Duration of the interference detected by the sensor.
	Center Frequency		Displays the Center Frequency of the interference.
	Affected Channel(s)		Displays the number of channels affected by the interference.
	Recording Id		Displays the recording event Id.
	Additional Information		Displays the interfere type for alert triggered event.
	Active		Displays the number of active events highlighted with bold red dot.

Interference Event Clustering

The Spectrum Manager Event Log screen displays the cluster of events. Multiple interference reports, correlated to the same interferer and interference event are assigned to the same cluster ID. The interference event is reported as a single event, when multiple sensors reporting the same interference event.

Figure 21 on page 106 illustrates the Interference Event Clustering screen.

Figure 21: Interference Event Clustering

The Spectrum Manager Event Log screen provides various Control Panel tabs. For further information, refer to “Control Panels” on page 112.

Spectrum Manager – Channel Availability

Navigation: Spectrum Manager > Monitor > Dashboard > Channel Availability

Select the Channel Availability

The Channel Availability screen displays the Channel Quality and Channel Utilization graphs.

Figure 22 on page 107 illustrates the Spectrum Manger Channel Availability screen.

Figure 22: Spectrum Manager – Channel Availability

The Channel Quality and Channel Utilization graph, rendered in a flash application, displays a real time calculated channel quality for each of the Wi-Fi channels as well as the level of interference detected on each channel. The interference is differentiated between 802.11 interference and Non-802.11 The Channel Utilization graph also displays the Channel Utilization per Interference.
Each of the interference is displayed as a percentage of the channel it is utilized.

The Channel Utilization per Interference type is displayed on the Channel Utilization graph, only if the Show Non-Wifi Interference Type option is checked in the Display Settings. This option is displayed only for the Hardware Sensors (See “Hardware Sensors” on page 123.)

The Channel Availability screen provides various Control Panel For further information, refer to “Control Panels” on page 112.

Spectrum Manager – Channel Utilization

Spectrum Manager > Monitor > Dashboard > Channel Utilization

Select the Channel Utilization

Figure 23 on page 108 illustrates the Spectrum Manager Channel Utilization screen.

The Channel Utilization screen displays the WLAN Channel Utilization and Non-WLAN

Channel Utilization graphs. This option is displayed only for the Hardware Sensors (See

“Hardware Sensors” on page 123.)

Figure 23: Spectrum Manager – Channel Utilization

The WLAN Channel Utilization and Non-WLAN Channel Utilization graphs, rendered in a flash application, displays a real time calculated channel utilization for each of the WLAN and Non-WLAN Channels.
The Channel Utilization screen provides various Control Panel For further information, refer to “Control Panels” on page 112.

Spectrum Manager – Spectrogram

Navigation: Spectrum > Monitor > Dashboard > Spectrogram

Select the Spectrogram

Figure 24 on page 109 illustrates the Spectrum Manager Spectrogram screen.

The Spectrogram screen provides the spectrum activity for the Interferer devices.

Figure 24: Spectrum Manager – Spectrogram

The scrolling Spectrogram displays the following details:
- The frequency and amplitude of RF energy over time is displayed.
- The x-axis displays the Frequency (MHz) or Wi-Fi channel number. The amplitude of the energy is plotted as Instantaneous data or the maximum peak hold amplitude. The amplitude is represented in blue color representing the weakest signal and red representing the strongest signal.
- The y-axis displays the Time, with the most recent data at the bottom of the display and the plotted data scrolling upward.
The Spectrogram screen provides various Control Panel For further information, refer to “Control Panels” on page 112.

Spectrum Manager – Equalizer

Spectrum > Monitor > Dashboard > Equalizer

Select the Equalizer

Figure 25 on page 110 illustrates the Spectrum Manager Equalizer screen.

Figure 25: Spectrum Manager – Equalizer

The Equalizer screen provides a flash application that starts Sensor to the browser. The Equalizer is a plot of the amplitude versus the frequency of RF (RF Energy or Signal) scanned by the “Sensors” on page 123.
The Spectrum Equalizer plots the amplitude frequency for the detected RF energy. The frequency along the x-axis can be displayed as either frequency (MHz) or Wi-Fi channels. Both the instantaneous amplitude (the last data point collected over the scan period) and the maximum peak hold amplitude (the highest data point collected over the scan period) are dynamically plotted. The instantaneous data is plotted in yellow, while the peak hold data is plotted in blue. The colors are user configurable.
The Equalizer screen provides various Control Panel For further information, refer to “Control Panels” on page 112.

Spectrum Manager – Persistence

Spectrum > Monitor > Dashboard > Persistence

Select the Persistence

Figure 26 on page 111 illustrates the Spectrum Manager Persistence screen.

Figure 26: Spectrum Manager – Persistence

The Persistence screen provides a flash application. The Persistence provides the spectrum activity for the Interferer devices to view the channel Persistence link to display the interference events.
The Persistence display plots the amplitude frequency for the detected RF energy. Both the instantaneous amplitude (the last data point collected over the scan period) and the maximum peak hold amplitude (the highest data point collected over the scan period) are dynamically plotted. The color of a pixel on the display represents the number of times the energy was detected at that specific frequency and amplitude, with blue representing the least frequent and red representing the most frequent.

The Persistence screen provides various Control Panel tabs. For further information, refer to “Control Panels” on page 112.

FortiWLC – Accessing Spectrum Manager

Leave a reply

Accessing Spectrum Manager

FortiWLC (SD) versions 6.0-2-0 and later provide the ability to configure deployed APs in spectrum scanning mode, acting as a software-based spectrum monitoring device. This configuration is performed via the Configuration > Wireless > Radio table. To configure an AP for spectrum scanning mode, click the desired interface from the table and use the AP Mode drop-down to specify ScanSpectrum Mode.

Figure 18: AP Mode Options

Accessing Spectrum Manager

Once the desired AP(s) are configured, the user can access the Spectrum Manager console via Monitor > Spectrum Manager > Console.