Enables or disables the FTP server on AirWave. The FTP server is only used to manage Aruba AirMesh and Cisco Aironet 4800 APs. Best practice is to disable the FTP server if you do not have any supported devices in the network.

Enables or disables the RTLS Collector, which is used to allow AOS controllers to send signed and encrypted RTLS (real time locating system) packets to VisualRF; in other words, AirWave becomes the acting RTLS server. The RTLS server IP address must be configured on each controller. This function is used for VisualRF to improve location accuracy and to locate chirping asset tags. This function is supported only for Dell Networking W-Series, Alcatel-Lucent, and Aruba Networks devices.

If Yes is specified, the following additional fields appear. These configuration settings should match the settings configured on the controller:

RTLS Port—Specify the port for the AirWave RTLS server.

RTLS Username—Enter the user name used by the controller to decode RTLS messages.

RTLS Password—Enter the RTLS server password that matches the controller’s value.

Confirm RTLS Password—Re-enter the RTLS server password.

Enables or disables the embedded mail server that is included with AirWave.

If you enable the "Use embedded mail server" option, enter information for an optional mail relay server. This field supports a Send Test Email button for testing server functionality. Click this button to enter valid email addresses.

Whether AirWave should parse client association and authentication traps from Cisco WLC controllers to give real time information on users connected to the wireless network.

Allows AirWave to collect enhanced data from HPE Aruba Networking devices on certain firmware versions. See the Best Practices Guide on the Home > Documentation page for more details

NOTE:  

When enabling AMON, auditing should be set to daily and have been successful at least once to allow AirWave to calculate the proper BSSIDs per radio. If these BSSIDs do not exist, clients are dropped because they do not have any corresponding BSSIDs in the AirWave database. Auditing should be set to daily because the BSSIDs are kept in cache memory and cleared every 24 hours.

To view usage data on a standalone controller or managed device, set the Enable AMON Data Collection option to No to allow usage data to be aggregated from the AP level.

Allows AirWave to collect enhanced Clarity Monitoring data from HPE Aruba Networking devices running AOS 6.4.3 and later versions

If AMON is enabled for a controller, you can enable AirWave to collect Traffic Analysis data from the controller by setting this to Yes. When enabled, the Home > Traffic Analysis dashboard is available in the WebUI.

If Traffic Analysis Data Collection is enabled, you can specify the amount of storage to allocate.

Enables controllers to send UCC data to HPE Aruba Networking Management Software (AirWave). For this feature to work, HPE Aruba Networking Management Software (AirWave) must be a management server on the controller, the AMON port is set up for UDP port 8211, and the controller profile has UCC monitoring enabled.

Enables caller-to-callee call stitching for non-SDN deployments. You should turn off this option for NAT and BOC deployments.

Prefer AMON is a configuration setting which causes AirWave to use an AMON feed to obtain client monitoring information from a controller rather than polling it via SNMP. When you enable this setting, values such as AP lists and rogue AP lists are still polled via SNMP, but the bulk of client monitoring information is delivered via AMON.

Auditing needs to have been successful at least once to allow AirWave to calculate the proper BSSIDs per radio.

When Prefer AMON is enabled, the controller must be configured to send AMON to AirWave by issuing the controller-amon bssid-tunnel-stats command from the command-line interface of the standalone controller or managed device (not Mobility Conductor).

To view bandwidth usage data on a standalone controller or managed device, you must set Prefer AMON vs SNMP Polling to No and also set the Enable AMON Collection setting to No. For more information, see Enable AMON data collection.

The network path from the controller to the AirWave server must allow traffic on UDP port 8211.

The controller routinely sends AMON in large UDP packets, (up to 30K bytes). Before enabling this setting, ensure the network path from the controller to AirWave  can pass such large packets intact.

This setting should only be used in a network environment with low levels of UDP packet loss, as the loss of a single Ethernet frame will potentially result in the loss of up to 30K bytes worth of data.

Allows AirWave to use an AMON feed to detect a new rogue AP from a controller, but continues to poll SNMP for regular AP updates. When a new rogue AP is detected, this information is forwarded from the detected AP to the WMS, which triggers a MON_AP_INFO message to be sent over AMON. When a new device is discovered, the AP_OPERATION is set to ADD in the AMON message.

This option specifies whether traps used to detect roaming events, auth failures, AP up/down status, and IDS events will still be collected if they are sent by managed devices.

This setting reserved for future use.

This option allows you to enable SSH Key authentication instead of entering passwords to set up a communication between devices and the AirWave.

When you set the Enable SSH key authentication to Yes, the following options are displayed:

SSH public key—This text box displays the public key when the key is generated.

SSH key authentication types—This drop-down list includes the DSA, ECDSA, ED25519, and RSA. Select one of the authentication types to generate the SSH key. When you select the ECDSA and RSA option, the SSH key bits range drop-down list is displayed. When you create the SSH public key, select the number of bits to use from the drop-down list.

Enable SSH key Passphrase—By default in AirWave, Enable SSH key Passphrase is set to Yes and the AirWave generates the passphrase randomly. Setting Enable SSH key Passphrase to No will disable the passphrase (No passphrase).

Overwrite Passphrase—Check the box for Overwrite Passphrase to get passphrase from AirWave UI instead of randomly generated passphrase.

Enter SSH Key Passphrase and Confirm Enter SSH Key Passphrase —Add the passphrase. Passphrase must be in range of 5 – 10 characters and with alphanumeric characters.

Generate new SSH public key—Click the Generate Key button to generate the key whenever there is a change in passphrase, authentication bytes or key bits options. Once the new key is generated, save the key.

Keys not only boost security, it also makes managing systems much easier. Instead of entering password for each device, you only have to do it once per AirWave by enabling public key authentication at AMP level.

NOTE: AirWave supports passphrase and simple public key authentication. In FIPS mode, AirWave supports ECDSA and RSA algorithms for keys.

You can also set SSH key authentication at the device level. For more information, see Manually Adding Devices

This setting reserved for future use.

Security improvements in AirWave 8.2.1 and later releases allow you to specify a custom PAPI key and require PAPI key validation. If you select the Yes option, you are prompted to enter a custom PAPI key.

When you enable this option, you can configure the username and password for the Activate user.

NOTE: The Activate user needs to be created beforehand at: Aruba Activate

This option is set to Yes by default. In order for Aruba switches to automatically check-in to AirWave by ZTP, you must change this option to No. If you select No, you must restart AMP.

Make your reports run faster by setting a limit on how many reports can run at the same time.