home *** CD-ROM | disk | FTP | other *** search
/ PC Professionell 2007 April / PCpro_2007_04.ISO / files / dsl / ManageEngineWiFiManager.exe / Disk1 / data1.cab / SourceFiles / WiFiManager.exe / WLANCustomExpert.xml < prev    next >
Encoding:
Extensible Markup Language  |  2007-01-17  |  36.7 KB  |  1,013 lines
  1. <?xml version="1.0"?>
  2. <expert-list>
  3.     <!-- Generic entry for any kind of Alerts -->    
  4.  
  5.     
  6.     <expert>
  7.         <id>0</id>
  8.         <severity>6</severity>
  9.         <enabled>1</enabled>
  10.         <frequency>0</frequency>
  11.         <name>Unknown Alert</name>
  12.         <class>Others</class>
  13.         <summary>Unknown Alert</summary>
  14.         <description><![CDATA[<p>Unknown Alert.</p>]]></description>
  15.         <action></action>
  16.         <customprotect>1</customprotect>
  17.         <alarmsbypoll>0</alarmsbypoll>
  18.         <pollingname></pollingname>
  19.         <isthreshold>0</isthreshold>
  20.     </expert>
  21.     
  22.  
  23.     <!-- Security policies 
  24.     id 6000 : Httpd disabled, 6001:WEP Enforced, 6002:WEP key length,6003: BroadcastSSID Disabled,6004:Telnet Disabled
  25.     6005:PSPF Disabled,6006:EAP Enforced
  26.     -->
  27.     <expert>
  28.         <id>6006</id>
  29.         <severity>2</severity>
  30.         <enabled>1</enabled>
  31.         <frequency>0</frequency>
  32.         <name>EAP Disabled</name>
  33.         <class>Vulnerability</class>
  34.         <summary>Network-level EAP authentication is disabled </summary>
  35.         <description><![CDATA[ <p>EAP authentication is disabled for this Access Point. It is advisable to use EAP-based authentication. EAP has several advantages than the conventional WEP encryption. Moreover, with AccessPoints that don't use EAP or other powerful authentication mechanisms, rogue clients can easily get access to the network.</p>    ]]></description>
  36.         <action><![CDATA[Enable EAP or other powerful authentication mechanisms in the AccessPoint]]></action>
  37.         <detailsurl> <![CDATA[/fault/ShowAlarmDetails.do?uri=/webclient/fault/html/vulnerability-eap-disabled.html]]></detailsurl>
  38.         <customprotect>1</customprotect>
  39.         <alarmsbypoll>1</alarmsbypoll>
  40.         <pollingname>EAP Disabled</pollingname>
  41.         <isthreshold>0</isthreshold>
  42.         <clearmsg>Network-level EAP authentication is now enabled</clearmsg>
  43.     </expert>
  44.     <!-- Security policies ends here -->
  45.  
  46.     
  47.  
  48.     <!-- SNMP Reachability start from id=7000 to id=7009 
  49.     id 7000 : SNMP Reachability for AP, 7001:SNMP Reachability for Switch, 7002:SNMP Reachability for Router,7003:SNMP Reachability for Server
  50.     -->
  51.     <expert>
  52.         <id>7000</id>
  53.         <severity>4</severity>
  54.         <enabled>1</enabled>
  55.         <frequency>0</frequency>
  56.         <name>SNMP Reachability for AccessPoint</name>
  57.         <class>Availability</class>
  58.         <summary>AccessPoint's SNMP Reachability</summary>
  59.         <description><![CDATA[ <p>This alert reports the SNMP reachability status of the Access Point.</p>]]></description>
  60.         <action><![CDATA[ 
  61.             <p>On the event of service down
  62.                 <ul>
  63.                     <li>Restart the SNMP service in the device.</li> 
  64.                     <li>Check whether the device's community string matches with what is set in the WiFiManager's global credentials.</li>
  65.                 </ul>
  66.             </p>
  67.  
  68.             ]]></action>
  69.         <groupName>Service Availability</groupName>
  70.         <customprotect>1</customprotect>
  71.         <alarmsbypoll>0</alarmsbypoll>
  72.         <pollingname></pollingname>
  73.         <isthreshold>0</isthreshold>
  74.     </expert>    
  75.  
  76.     
  77.     <expert>
  78.         <id>7001</id>
  79.         <severity>4</severity>
  80.         <enabled>1</enabled>
  81.         <frequency>0</frequency>
  82.         <name>SNMP Reachability for Switch</name>
  83.         <class>Availability</class>
  84.         <summary>Switch's SNMP Reachability</summary>
  85.         <description><![CDATA[ <p>This alert reports the SNMP reachability status of the Switch </p>]]></description>
  86.         <action><![CDATA[ 
  87.             <p>
  88.                 On the event of service down
  89.                 <ul>
  90.                     <li>Restart the SNMP service in the device.</li> 
  91.                     <li>Check whether the device's community string matches with what is set in the WiFiManager's global credentials.</li>
  92.                 </ul>
  93.             </p>
  94.  
  95.             ]]></action>
  96.         <groupName>Service Availability</groupName>
  97.         <customprotect>1</customprotect>
  98.         <alarmsbypoll>0</alarmsbypoll>
  99.         <pollingname></pollingname>
  100.         <isthreshold>0</isthreshold>
  101.     </expert>
  102.  
  103.     
  104.     <expert>
  105.         <id>7002</id>
  106.         <severity>4</severity>
  107.         <enabled>1</enabled>
  108.         <frequency>0</frequency>
  109.         <name>SNMP Reachability for Router</name>
  110.         <class>Availability</class>
  111.         <summary>Router's SNMP Reachability Status</summary>
  112.         <description><![CDATA[ <p>This alert reports the SNMP reachability status of the Router</p>]]></description>
  113.         <action><![CDATA[ 
  114.             <p>
  115.                 On the event of service down
  116.                 <ul>
  117.                     <li>Restart the SNMP service in the device.</li> 
  118.                     <li>Check whether the device's community string matches with what is set in the WiFiManager's global credentials.</li>
  119.                 </ul>
  120.             </p>
  121.  
  122.             ]]></action>
  123.         <groupName>Service Availability</groupName>
  124.         <customprotect>1</customprotect>
  125.         <alarmsbypoll>0</alarmsbypoll>
  126.         <pollingname></pollingname>
  127.         <isthreshold>0</isthreshold>
  128.     </expert>
  129.  
  130.     
  131.     <expert>
  132.         <id>7005</id>
  133.         <severity>4</severity>
  134.         <enabled>1</enabled>
  135.         <frequency>0</frequency>
  136.         <name>SNMP Reachability for Gateway</name>
  137.         <class>Availability</class>
  138.         <summary>SNMP Reachability fails for Gateway</summary>
  139.         <description><![CDATA[ <p>This alert reports the SNMP reachability status of the Gateway</p>]]></description>
  140.         <action><![CDATA[ 
  141.             <p>
  142.                 On the event of service down
  143.                 <ul>
  144.                     <li>Restart the SNMP service in the device.</li> 
  145.                     <li>Check whether the device's community string matches with what is set in the WiFiManager's global credentials.</li>
  146.                 </ul>
  147.             </p>
  148.  
  149.             ]]></action> 
  150.  
  151.         <groupName>Service Availability</groupName>
  152.         <customprotect>1</customprotect>
  153.         <alarmsbypoll>0</alarmsbypoll>
  154.         <isthreshold>0</isthreshold>
  155.     </expert>
  156.  
  157.     
  158.     <expert>
  159.         <id>7006</id>
  160.         <severity>4</severity>
  161.         <enabled>1</enabled>
  162.         <frequency>0</frequency>
  163.         <name>SNMP Reachability for Sensor</name>
  164.         <class>Availability</class>
  165.         <summary>SNMP Reachability fails for Sensor</summary>
  166.         <description><![CDATA[ <p>This alert reports the SNMP reachability status of the Sensor</p>]]></description>
  167.         <action></action>
  168.         <groupName>Service Availability</groupName>
  169.         <customprotect>1</customprotect>
  170.         <alarmsbypoll>0</alarmsbypoll>
  171.         <isthreshold>0</isthreshold>
  172.     </expert>
  173.  
  174.     
  175.     <expert>
  176.         <id>7007</id>
  177.         <severity>4</severity>
  178.         <enabled>1</enabled>
  179.         <frequency>0</frequency>
  180.         <name>SNMP Reachability for AAA Server</name>
  181.         <class>Availability</class>
  182.         <summary>SNMP Reachability fails for AAA Server</summary>
  183.         <description><![CDATA[ <p>This alert reports the SNMP reachability status of the AAA Server</p>]]></description>
  184.         <action><![CDATA[ 
  185.             <p>
  186.                 On the event of service down
  187.                 <ul>
  188.                     <li>Restart the SNMP service in the device.</li> 
  189.                     <li>Check whether the device's community string matches with what is set in the WiFiManager's global credentials.</li>
  190.                 </ul>
  191.             </p>
  192.  
  193.             ]]></action> 
  194.  
  195.         <groupName>Service Availability</groupName>
  196.         <customprotect>1</customprotect>
  197.         <alarmsbypoll>0</alarmsbypoll>
  198.         <isthreshold>0</isthreshold>
  199.     </expert>
  200.  
  201.     <!--SNMP Reachability ends here -->    
  202.  
  203.     
  204.     <expert>
  205.         <id>7100</id>
  206.         <severity>4</severity>
  207.         <enabled>1</enabled>
  208.         <frequency>0</frequency>
  209.         <name>Telnet Reachability for AccessPoint</name>
  210.         <class>Availability</class>
  211.         <summary>AccessPoint's Telnet Reachability</summary>
  212.         <description><![CDATA[ <p>This alert reports the Telnet reachability status of the Access Point.</p>]]></description>
  213.         <action><![CDATA[ 
  214.             <p>On the event of service down
  215.                 <ul>
  216.                     <li>Restart the Telnet service in the device.</li> 
  217.                     <li>Check whether the device's telnet credentials matches with what is set in the WiFiManager's global credentials.</li>
  218.                 </ul>
  219.             </p>
  220.             ]]></action>
  221.         <groupName>Service Availability</groupName>
  222.         <customprotect>1</customprotect>
  223.         <alarmsbypoll>0</alarmsbypoll>
  224.         <pollingname></pollingname>
  225.         <isthreshold>0</isthreshold>
  226.     </expert>    
  227.  
  228.  
  229.     <!-- Device Availability start from id=7200 to id=7209 
  230.     id 7200 : Device Reachability for AP, 7201:SNMP Reachability for Switch, 7202:SNMP Reachability for Router,7203:SNMP Reachability for Server
  231.     -->
  232.     <expert>
  233.         <id>7200</id>
  234.         <severity>1</severity>
  235.         <enabled>1</enabled>
  236.         <frequency>0</frequency>
  237.         <name>Reachability for AccessPoint</name>
  238.         <class>Availability</class>
  239.         <summary>AccessPoint not reachable</summary>
  240.         <description><![CDATA[ <p>This alert reports the reachability status of the Device</p>]]></description>
  241.         <action></action>
  242.         <groupName>Device Availability</groupName>
  243.         <customprotect>1</customprotect>
  244.         <alarmsbypoll>1</alarmsbypoll>
  245.         <pollingname>WLANAPObjectStatusPoll</pollingname>
  246.         <isthreshold>0</isthreshold>
  247.     </expert>    
  248.  
  249.     
  250.     <expert>
  251.         <id>7201</id>
  252.         <severity>1</severity>
  253.         <enabled>1</enabled>
  254.         <frequency>0</frequency>
  255.         <name>Reachability for Switch</name>
  256.         <class>Availability</class>
  257.         <summary>Switch not reachable</summary>
  258.         <description><![CDATA[ <p>This alert reports the Reachability status of the Device</p>]]></description>
  259.         <action></action>
  260.         <groupName>Device Availability</groupName>
  261.         <customprotect>1</customprotect>
  262.         <alarmsbypoll>1</alarmsbypoll>
  263.         <pollingname>OpManagerSwitchObjectStatusPoll</pollingname>
  264.         <isthreshold>0</isthreshold>
  265.     </expert>
  266.  
  267.     
  268.     <expert>
  269.         <id>7202</id>
  270.         <severity>1</severity>
  271.         <enabled>1</enabled>
  272.         <frequency>0</frequency>
  273.         <name>Reachability for Router</name>
  274.         <class>Availability</class>
  275.         <summary>Router not reachable</summary>
  276.         <description><![CDATA[ <p>This alert reports the reachability status of the Device</p>]]></description>
  277.         <action></action>
  278.         <groupName>Device Availability</groupName>
  279.         <customprotect>1</customprotect>
  280.         <alarmsbypoll>1</alarmsbypoll>
  281.         <pollingname>OpManagerRouterObjectStatusPoll</pollingname>
  282.         <isthreshold>0</isthreshold>
  283.     </expert>
  284.  
  285.     
  286.     <expert>
  287.         <id>7205</id>
  288.         <severity>1</severity>
  289.         <enabled>1</enabled>
  290.         <frequency>0</frequency>
  291.         <name>Reachability for Sensor</name>
  292.         <class>Availability</class>
  293.         <summary>Sensor not reachable</summary>
  294.         <description><![CDATA[ <p>This alert reports the reachability status of the Device</p>]]></description>
  295.         <action></action>
  296.         <groupName>Device Availability</groupName>
  297.         <customprotect>1</customprotect>
  298.         <alarmsbypoll>1</alarmsbypoll>
  299.         <pollingname>OpManagerSensorObjectStatusPoll</pollingname>
  300.         <isthreshold>0</isthreshold>
  301.     </expert>
  302.  
  303.     
  304.     <expert>
  305.         <id>7207</id>
  306.         <severity>1</severity>
  307.         <enabled>1</enabled>
  308.         <frequency>0</frequency>
  309.         <name>Reachability for AAA Server</name>
  310.         <class>Availability</class>
  311.         <summary>AAA Server not reachable</summary>
  312.         <description><![CDATA[ <p>This alert reports the reachability status of the Device</p>]]></description>
  313.         <action></action>
  314.         <groupName>Device Availability</groupName>
  315.         <customprotect>1</customprotect>
  316.         <alarmsbypoll>1</alarmsbypoll>
  317.         <pollingname>AAAServerStatusPoll</pollingname>
  318.         <isthreshold>0</isthreshold>
  319.     </expert>
  320.  
  321.     
  322.     <expert>
  323.         <id>7208</id>
  324.         <severity>1</severity>
  325.         <enabled>1</enabled>
  326.         <frequency>0</frequency>
  327.         <name>Reachability for Gateway</name>
  328.         <class>Availability</class>
  329.         <summary>Gateway not reachable</summary>
  330.         <description><![CDATA[ <p>This alert reports the reachability status of the Device</p>]]></description>
  331.         <action></action>
  332.         <groupName>Device Availability</groupName>
  333.         <customprotect>1</customprotect>
  334.         <alarmsbypoll>1</alarmsbypoll>
  335.         <pollingname>GatewayStatusPoll</pollingname>
  336.         <isthreshold>0</isthreshold>
  337.     </expert>
  338.  
  339.     <!--Device Reachability ends here -->    
  340.  
  341.  
  342.     <!-- Router Interfaces Reachability id=:Reachability for Switch -->
  343.     <expert>
  344.         <id>7301</id>
  345.         <severity>1</severity>
  346.         <enabled>1</enabled>
  347.         <frequency>0</frequency>
  348.         <name>Interface Reachability for Routers</name>
  349.         <class>Availability</class>
  350.         <summary>Interfaces Reachability fails for Routers</summary>
  351.         <description><![CDATA[ <p>This alert reports reachability status of Router's Interface</p>]]></description>
  352.         <action></action>
  353.         <customprotect>1</customprotect>
  354.         <alarmsbypoll>0</alarmsbypoll>
  355.         <pollingname></pollingname>
  356.         <isthreshold>0</isthreshold>
  357.     </expert>
  358.  
  359.     
  360.     <!--Router Interface Reachability ends here -->    
  361.  
  362.     <!-- Switch Port Reachability id=7004:Port Reachability for Switch -->
  363.     <expert>
  364.         <id>7302</id>
  365.         <severity>1</severity>
  366.         <enabled>1</enabled>
  367.         <frequency>0</frequency>
  368.         <name>Port Reachability for Switch</name>
  369.         <class>Availability</class>
  370.         <summary>Port Reachability fails for Switch </summary>
  371.         <description><![CDATA[ <p>This alert is generated whenever the Switch's Port is down</p>]]></description>
  372.         <action></action>
  373.         <customprotect>1</customprotect>
  374.         <alarmsbypoll>0</alarmsbypoll>
  375.         <pollingname>OpManagerSwitchObjectStatusPoll</pollingname>
  376.         <isthreshold>0</isthreshold>
  377.     </expert>
  378.  
  379.     <!--Switch Port  Reachability ends here -->    
  380.  
  381.  
  382.     <!-- RF Port Status Poller id=7004:Port Reachability for Switch -->
  383.     <expert>
  384.         <id>7304</id>
  385.         <severity>1</severity>
  386.         <enabled>1</enabled>
  387.         <frequency>0</frequency>
  388.         <name>RF Port Status for AccessPoint</name>
  389.         <class>Availability</class>
  390.         <summary>RF Port Status Poller for AccessPoint</summary>
  391.         <description><![CDATA[ <p>This alert reports the RF Port's Status of the AccessPoint</p>]]></description>
  392.         <action></action>
  393.         <customprotect>1</customprotect>
  394.         <alarmsbypoll>0</alarmsbypoll>
  395.         <pollingname></pollingname>
  396.         <isthreshold>0</isthreshold>
  397.     </expert>
  398.  
  399.     <!-- RF Port Status Poller ends here -->    
  400.  
  401.     <!--Ethernet Port Status for AP id 7305 -->    
  402.     <expert>
  403.         <id>7305</id>
  404.         <severity>1</severity>
  405.         <enabled>1</enabled>
  406.         <frequency>0</frequency>
  407.         <name>Ethernet Port Status for AccessPoint</name>
  408.         <class>Availability</class>
  409.         <summary>Ethernet Port Status for AccessPoint </summary>
  410.         <description><![CDATA[ <p>This alert reports the Ethernet Port's Status of the AccessPoint </p>]]></description>
  411.         <action></action>
  412.         <customprotect>1</customprotect>
  413.         <alarmsbypoll>0</alarmsbypoll>
  414.         <pollingname></pollingname>
  415.         <isthreshold>0</isthreshold>
  416.     </expert>
  417.     <!--Ethernet Port Status for AP ends here -->    
  418.  
  419.  
  420.     <!-- In Bandwidth Utilization start from id=7700  to id=7703
  421.     id 7700 : In Bandwidth Utilization for AP, 7701:In Bandwidth Utilization for Switch, 7702:In Bandwidth Utilization for Router, 7703:In Bandwidth Utilization for Server,
  422.     -->
  423.     <expert>
  424.         <id>7701</id>
  425.         <severity>1</severity>
  426.         <enabled>1</enabled>
  427.         <frequency>0</frequency>
  428.         <name>Rx Traffic Utilization for Switch</name>
  429.         <class>Performance</class>
  430.         <summary>In-Bandwidth Utilization for Switch </summary>
  431.         <description><![CDATA[ <p>This alert is generated when the Rx Utilization exceeds the specified threshold limit.</p>]]></description>
  432.         <message>Rx Utilization Exceeded.</message>
  433.         <action></action>
  434.         <groupName>Rx Traffic Utilization</groupName>
  435.         <customprotect>1</customprotect>
  436.         <alarmsbypoll>1</alarmsbypoll>
  437.         <pollingname>InterfaceInUtilizationForSwitch</pollingname>
  438.         <isthreshold>1</isthreshold>
  439.         <thresholdtype>INTEGER</thresholdtype>
  440.         <thresholdvalue>75</thresholdvalue>
  441.         <thresholdname>InterfaceInUtilizationForSwitch</thresholdname>
  442.         <clearmsg>Rx Utilization Normal</clearmsg>        
  443.     </expert>
  444.  
  445.     
  446.     <expert>
  447.         <id>7702</id>
  448.         <severity>1</severity>
  449.         <enabled>1</enabled>
  450.         <frequency>0</frequency>
  451.         <name>Rx Traffic Utilization for Router</name>
  452.         <class>Performance</class>
  453.         <summary>In-Bandwidth Utilization for Router</summary>
  454.         <description><![CDATA[ <p>This alert is generated when the Rx Utilization exceeds the specified threshold limit.</p>]]></description>
  455.         <message>Rx Utilization Exceeded.</message>
  456.         <action></action>
  457.         <groupName>Rx Traffic Utilization</groupName>
  458.         <customprotect>1</customprotect>
  459.         <alarmsbypoll>1</alarmsbypoll>
  460.         <pollingname>InterfaceInUtilizationForRouter</pollingname>
  461.         <isthreshold>1</isthreshold>
  462.         <thresholdtype>INTEGER</thresholdtype>
  463.         <thresholdvalue>75</thresholdvalue>
  464.         <thresholdname>InterfaceInUtilizationForRouter</thresholdname>
  465.         <clearmsg>Rx Utilization Normal</clearmsg>        
  466.     </expert>
  467.     <!-- In Bandwidth Utilization ends here-->    
  468.  
  469.  
  470.  
  471.     <!-- Out Bandwidth Utilization start from id=7710  to id=7713
  472.     id 7710 : Out Bandwidth Utilization for AP, 7711:Out Bandwidth Utilization for Switch, 7712:Out Bandwidth Utilization for Router, 7713:Out Bandwidth Utilization for Server,
  473.     -->
  474.     <expert>
  475.         <id>7711</id>
  476.         <severity>1</severity>
  477.         <enabled>1</enabled>
  478.         <frequency>0</frequency>
  479.         <name>Tx Traffic Utilization for Switch</name>
  480.         <class>Performance</class>
  481.         <summary>Out-Bandwidth Utilization for Switch </summary>
  482.         <description><![CDATA[ <p>This alert is generated when the Tx Utilization exceeds the specified threshold limit.</p>]]></description>
  483.         <message>Tx Utilization Exceeded.</message>
  484.         <action></action>
  485.         <groupName>Tx Traffic Utilization</groupName>
  486.         <customprotect>1</customprotect>
  487.         <alarmsbypoll>1</alarmsbypoll>
  488.         <pollingname>InterfaceOutUtilizationForSwitch</pollingname>
  489.         <isthreshold>1</isthreshold>
  490.         <thresholdtype>INTEGER</thresholdtype>
  491.         <thresholdvalue>75</thresholdvalue>
  492.         <thresholdname>InterfaceOutUtilizationForSwitch</thresholdname>
  493.         <clearmsg>Tx Utilization Normal.</clearmsg>        
  494.     </expert>
  495.  
  496.     
  497.     <expert>
  498.         <id>7712</id>
  499.         <severity>1</severity>
  500.         <enabled>1</enabled>
  501.         <frequency>0</frequency>
  502.         <name>Tx Traffic Utilization for Router</name>
  503.         <class>Performance</class>
  504.         <summary>Out-Bandwidth Utilization for Router</summary>
  505.         <description><![CDATA[ <p>This alert is generated when the Tx Utilization exceeds the specified threshold limit.</p>]]></description>
  506.         <message>Tx Utilization Exceeded.</message>
  507.         <action></action>
  508.         <groupName>Tx Traffic Utilization</groupName>
  509.         <customprotect>1</customprotect>
  510.         <alarmsbypoll>1</alarmsbypoll>
  511.         <pollingname>InterfaceOutUtilizationForRouter</pollingname>
  512.         <isthreshold>1</isthreshold>
  513.         <thresholdtype>INTEGER</thresholdtype>
  514.         <thresholdvalue>75</thresholdvalue>
  515.         <thresholdname>InterfaceOutUtilizationForRouter</thresholdname>
  516.         <clearmsg>Tx Utilization Normal.</clearmsg>        
  517.     </expert>
  518.  
  519.  
  520.     <expert>
  521.         <id>7714</id>
  522.         <severity>1</severity>
  523.         <enabled>1</enabled>
  524.         <frequency>0</frequency>
  525.         <name>Bandwidth Utilization for AccessPoint</name>
  526.         <class>Performance</class>
  527.         <summary>Bandwidth Utilization for AccessPoint </summary>
  528.         <description><![CDATA[ <p>This alert is generated when the utilization exceeds the specified threshold limit.</p>]]></description>
  529.         <message>Interface Utilization Exceeded.</message>
  530.         <action><![CDATA[ <p>Check whether clients connected to the AccessPoint are genuine. If yes, add more AccessPoints to serve clients.</p>]]></action>
  531.         <groupName>Bandwidth Utilization</groupName>
  532.         <customprotect>1</customprotect>
  533.         <alarmsbypoll>1</alarmsbypoll>
  534.         <pollingname>BandwidthDataCollection</pollingname>
  535.         <isthreshold>1</isthreshold>
  536.         <thresholdtype>INTEGER</thresholdtype>
  537.         <thresholdvalue>75</thresholdvalue>
  538.         <thresholdname>BandwidthDataCollection</thresholdname>
  539.         <clearmsg>Interface Utilization Normal.</clearmsg>        
  540.     </expert>
  541.  
  542.     <!-- Out Bandwidth Utilization ends here--> 
  543.  
  544.  
  545.     <!-- Transmit and Receive Error For AP Starts here--> 
  546.  
  547.     <expert>
  548.         <id>7715</id>
  549.         <severity>2</severity>
  550.         <enabled>1</enabled>
  551.         <frequency>0</frequency>
  552.         <name>Transmit Error for AccessPoint</name>
  553.         <class>Operational</class>
  554.         <summary>Transmit Error for AccessPoint </summary>
  555.         <description><![CDATA[ <p>This alert is generated when the Transmit Error exceeds the specified threshold limit.</p>]]></description>
  556.         <message>Transmit Errors Exceeded.</message>
  557.         <action></action>
  558.         <groupName>Interface Errors</groupName>
  559.         <customprotect>1</customprotect>
  560.         <alarmsbypoll>1</alarmsbypoll>
  561.         <pollingname>TransmitErrorsForAP</pollingname>
  562.         <isthreshold>1</isthreshold>
  563.         <thresholdtype>INTEGER</thresholdtype>
  564.         <thresholdvalue>500</thresholdvalue>
  565.         <thresholdname>TransmitErrorsForAP</thresholdname>
  566.         <clearmsg>Transmit Errors Receded.</clearmsg>        
  567.     </expert>
  568.  
  569.  
  570.     <expert>
  571.         <id>7716</id>
  572.         <severity>2</severity>
  573.         <enabled>1</enabled>
  574.         <frequency>0</frequency>
  575.         <name>Recieve Error for AccessPoint</name>
  576.         <class>Operational</class>
  577.         <summary>Recieve Error for AccessPoint </summary>
  578.         <description><![CDATA[ <p>This alert is generated when the Recieve Error exceeds the specified threshold limit.</p>]]></description>
  579.         <message>Recieve Errors Exceeded.</message>
  580.         <action></action>
  581.         <groupName>Interface Errors</groupName>
  582.         <customprotect>1</customprotect>
  583.         <alarmsbypoll>1</alarmsbypoll>
  584.         <pollingname>ReceiveErrorsForAP</pollingname>
  585.         <isthreshold>1</isthreshold>
  586.         <thresholdtype>INTEGER</thresholdtype>
  587.         <thresholdvalue>500</thresholdvalue>
  588.         <thresholdname>ReceiveErrorsForAP</thresholdname>
  589.         <clearmsg>Recieve Errors Receded.</clearmsg>        
  590.     </expert>
  591.  
  592.  
  593.     <!-- Transmit and Receive Error For AP Ends here--> 
  594.  
  595.  
  596.  
  597.     <!-- RF Port Errors id=7500 to 7504 -->
  598.     <!-- RF Port Packet Errors(FCS) id=7500, WEP ICV Errors id = 7501, WEP Undecrypt Error id = 7502, Frame Retries id= 7503   -->
  599.     <expert>
  600.         <id>7500</id>
  601.         <severity>1</severity>
  602.         <enabled>1</enabled>
  603.         <frequency>0</frequency>
  604.         <name>RF Port Packet Errors</name>
  605.         <class>Operational</class>
  606.         <summary>RF Port Packet Errors </summary>
  607.         <description><![CDATA[ <p>This alert is generated when the RF Port Packet Errors exceeds the specified threshold limit.</p>]]></description>
  608.         <message>Packet Errors Exceeded.</message>
  609.         <action></action>
  610.         <groupName>RF Port Errors</groupName>
  611.         <customprotect>1</customprotect>
  612.         <alarmsbypoll>1</alarmsbypoll>
  613.         <pollingname>P802_11APFCSErrorRate</pollingname>
  614.         <isthreshold>1</isthreshold>
  615.         <thresholdtype>INTEGER</thresholdtype>
  616.         <thresholdvalue>400</thresholdvalue>
  617.         <thresholdname>P802_11APFCSErrorRate</thresholdname>
  618.         <clearmsg>Packet Errors Receded.</clearmsg>        
  619.     </expert>
  620.  
  621.  
  622.     <expert>
  623.         <id>7501</id>
  624.         <severity>1</severity>
  625.         <enabled>1</enabled>
  626.         <frequency>0</frequency>
  627.         <name>RF Port WEP ICV Errors </name>
  628.         <class>Operational</class>
  629.         <summary>RF Port WEP ICV Errors </summary>
  630.         <description><![CDATA[ <p>This alert is generated when the RF Port WEP Errors exceeds the specified threshold limit.</p>]]></description>
  631.         <message>WEP Errors Exceeded.</message>
  632.         <action></action>
  633.         <groupName>RF Port Errors</groupName>
  634.         <customprotect>1</customprotect>
  635.         <alarmsbypoll>1</alarmsbypoll>
  636.         <pollingname>P802_11APWEPICVErrorRate</pollingname>
  637.         <isthreshold>1</isthreshold>
  638.         <thresholdtype>INTEGER</thresholdtype>
  639.         <thresholdvalue>400</thresholdvalue>
  640.         <thresholdname>P802_11APWEPICVErrorRate</thresholdname>
  641.         <clearmsg>WEP Errors Receded.</clearmsg>        
  642.     </expert>
  643.  
  644.     
  645.     <expert>
  646.         <id>7502</id>
  647.         <severity>1</severity>
  648.         <enabled>1</enabled>
  649.         <frequency>0</frequency>
  650.         <name>RF Port WEP Undecryptable Errors </name>
  651.         <class>Operational</class>
  652.         <summary>RF Port WEP Undecryptable Errors </summary>
  653.         <description><![CDATA[ <p>This alert is generated when the number of undecryptable WEP packets exceeds the specified threshold limit.</p>]]></description>
  654.         <message>Undecryptable WEP Packets Exceeded.</message>
  655.         <action></action>
  656.         <groupName>RF Port Errors</groupName>
  657.         <customprotect>1</customprotect>
  658.         <alarmsbypoll>1</alarmsbypoll>
  659.         <pollingname>P802_11APWEPDecryptErrorRate</pollingname>
  660.         <isthreshold>1</isthreshold>
  661.         <thresholdtype>INTEGER</thresholdtype>
  662.         <thresholdvalue>400</thresholdvalue>
  663.         <thresholdname>P802_11APWEPDecryptErrorRate</thresholdname>
  664.         <clearmsg>Undecryptable WEP Packets Receded.</clearmsg>        
  665.     </expert>
  666.  
  667.     
  668.     <expert>
  669.         <id>7503</id>
  670.         <severity>1</severity>
  671.         <enabled>1</enabled>
  672.         <frequency>0</frequency>
  673.         <groupName>RF Port Errors</groupName>
  674.         <name>AccessPoint Max Frame Retry Count </name>
  675.         <class>Operational</class>
  676.         <summary>AccessPoint Max Frame Retry Count </summary>
  677.         <description><![CDATA[ <p>This alert is generated when the number of frame retries exceeds the specified threshold limit.</p>]]></description>
  678.         <message>Frame Retries Exceeded.</message>
  679.         <action><![CDATA[ <p>Check for nearby AccessPoints operating in same channel.</p>]]></action>
  680.         <customprotect>1</customprotect>
  681.         <alarmsbypoll>1</alarmsbypoll>
  682.         <pollingname>P802_11APFRRate</pollingname>
  683.         <isthreshold>1</isthreshold>
  684.         <thresholdtype>INTEGER</thresholdtype>
  685.         <thresholdvalue>400</thresholdvalue>
  686.         <thresholdname>P802_11APFRRate</thresholdname>
  687.         <clearmsg>Frame Retries Receded.</clearmsg>        
  688.     </expert>
  689.  
  690.     <!-- Max Retry Count ends here    -->
  691.  
  692.  
  693.     <!-- TRAP related alarms-->
  694.     <expert>
  695.         <id>8001</id>
  696.         <severity>3</severity>
  697.         <enabled>1</enabled>
  698.         <frequency>0</frequency>
  699.         <groupName>Traps</groupName>
  700.         <name>802.11 Authentication Failure</name>
  701.         <class>Vulnerability</class>
  702.         <summary>802.11 Authentication Failure </summary>
  703.         <description><![CDATA[ <p>This alarm indicates that 802.11 authentication failed for an access point. This might be due to a rogue client attack or an authentication flood attack. </p>]]></description>
  704.         <action><![CDATA[Check whether the mobile client is genuine.]]></action>
  705.         <customprotect>1</customprotect>
  706.         <alarmsbypoll>0</alarmsbypoll>
  707.         <pollingname></pollingname>
  708.         <isthreshold>0</isthreshold>
  709.     </expert>
  710.  
  711.  
  712.     <expert>
  713.         <id>8002</id>
  714.         <severity>3</severity>
  715.         <enabled>1</enabled>
  716.         <frequency>0</frequency>
  717.         <groupName>Traps</groupName>
  718.         <name>Symbol 4131 ACL Violation</name>
  719.         <class>Vulnerability</class>
  720.         <summary>  Symbol 4131 ACL Violation </summary>
  721.         <description><![CDATA[ <p>This alarm indicates that a mobile client which is not in the Access Control List of the AccessPoint is trying to associate with it. This might be a rogue client or it might be an authentication storm attack.</p>]]></description>
  722.         <action><![CDATA[Check whether the mobile client is genuine.]]></action>
  723.         <customprotect>1</customprotect>
  724.         <alarmsbypoll>0</alarmsbypoll>
  725.         <pollingname></pollingname>
  726.         <isthreshold>0</isthreshold>
  727.     </expert>
  728.  
  729.  
  730.     <expert>
  731.         <id>8003</id>
  732.         <severity>3</severity>
  733.         <enabled>1</enabled>
  734.         <frequency>0</frequency>
  735.         <groupName>Performance Traps</groupName>
  736.         <name>Symbol 4131 RF Interference</name>
  737.         <class>Performance</class>
  738.         <summary>Symbol 4131 RF Interference</summary>
  739.         <description><![CDATA[ <p>This alarm indicates that the AccessPoint experiences RF interference. This might be due to channel collision between neighboring AccessPoints.</p>]]></description>
  740.         <action><![CDATA[Move neighboring AccessPoints to different channels.]]></action>
  741.         <customprotect>1</customprotect>
  742.         <alarmsbypoll>0</alarmsbypoll>
  743.         <pollingname></pollingname>
  744.         <isthreshold>0</isthreshold>
  745.     </expert>
  746.  
  747.     
  748.     <expert>
  749.         <id>8004</id>
  750.         <severity>3</severity>
  751.         <enabled>1</enabled>
  752.         <frequency>0</frequency>
  753.         <groupName>Performance Traps</groupName>
  754.         <name>Symbol 4131 Max Associations</name>
  755.         <class>Performance</class>
  756.         <summary>Symbol 4131 Max Associations</summary>
  757.         <description><![CDATA[ <p>This alarm indicates that the access point has reached the maximum number of associations. Any new association beyond this limit will be dropped the AccessPoint.</p>]]></description>
  758.         <action><![CDATA[Add more access points if this place is thickly populated by mobile clients.]]></action>
  759.         <customprotect>1</customprotect>
  760.         <alarmsbypoll>0</alarmsbypoll>
  761.         <pollingname></pollingname>
  762.         <isthreshold>0</isthreshold>
  763.     </expert>
  764.  
  765.  
  766.     <expert>
  767.         <id>8005</id>
  768.         <severity>3</severity>
  769.         <enabled>1</enabled>
  770.         <frequency>0</frequency>
  771.         <groupName>Traps</groupName>
  772.         <name>Symbol 4121 ACL Violation</name>
  773.         <class>Vulnerability</class>
  774.         <summary>Symbol 4121 ACL Violation</summary>
  775.         <description><![CDATA[ <p>This alarm indicates that a mobile client which is not in the Access Control List of the AccessPoint is trying to associate with it. This might be a rogue client or it might be an authentication storm attack.</p>]]></description>
  776.         <action><![CDATA[Check whether the mobile client is genuine.]]></action>
  777.         <customprotect>1</customprotect>
  778.         <alarmsbypoll>0</alarmsbypoll>
  779.         <pollingname></pollingname>
  780.         <isthreshold>0</isthreshold>
  781.     </expert>
  782.  
  783.  
  784.     <expert>
  785.         <id>8006</id>
  786.         <severity>3</severity>
  787.         <enabled>1</enabled>
  788.         <frequency>0</frequency>
  789.         <groupName>Performance Traps</groupName>
  790.         <name>Symbol 4121 RF Interference</name>
  791.         <class>Performance</class>
  792.         <summary>Symbol 4121 RF Interference</summary>
  793.         <description><![CDATA[ <p>This alarm indicates that the AccessPoint experiences RF interference. This might be due to channel collision between neighboring AccessPoints.</p>]]></description>
  794.         <action><![CDATA[Move neighboring AccessPoints to different channels.]]></action>
  795.         <customprotect>1</customprotect>
  796.         <alarmsbypoll>0</alarmsbypoll>
  797.         <pollingname></pollingname>
  798.         <isthreshold>0</isthreshold>
  799.     </expert>
  800.  
  801.     
  802.     <expert>
  803.         <id>8007</id>
  804.         <severity>3</severity>
  805.         <enabled>1</enabled>
  806.         <frequency>0</frequency>
  807.         <groupName>Performance Traps</groupName>
  808.         <name>Symbol 4121 Max Associations</name>
  809.         <class>Performance</class>
  810.         <summary>Symbol 4121 Max Associations</summary>
  811.         <description><![CDATA[ <p>This alarm indicates that the access point has reached the maximum number of associations. Any new association beyond this limit will be dropped the AccessPoint.</p>]]></description>
  812.         <action><![CDATA[Add more access points if this place is thickly populated by mobile clients.]]></action>
  813.         <customprotect>1</customprotect>
  814.         <alarmsbypoll>0</alarmsbypoll>
  815.         <pollingname></pollingname>
  816.         <isthreshold>0</isthreshold>
  817.     </expert>
  818.  
  819.  
  820.     <expert>
  821.         <id>8008</id>
  822.         <severity>3</severity>
  823.         <enabled>1</enabled>
  824.         <frequency>0</frequency>
  825.         <groupName>Traps</groupName>
  826.         <name>Symbol 3021 ACL Violation</name>
  827.         <class>Vulnerability</class>
  828.         <summary>Symbol 3021 ACL Violation</summary>
  829.         <description><![CDATA[ <p>This alarm indicates that a mobile client which is not in the Access Control List of the AccessPoint is trying to associate with it. This might be a rogue client or it might be an authentication storm attack.</p>]]></description>
  830.         <action><![CDATA[Check whether the mobile client is genuine.]]></action>
  831.         <customprotect>1</customprotect>
  832.         <alarmsbypoll>0</alarmsbypoll>
  833.         <pollingname></pollingname>
  834.         <isthreshold>0</isthreshold>
  835.     </expert>
  836.  
  837.  
  838.     <expert>
  839.         <id>8009</id>
  840.         <severity>3</severity>
  841.         <enabled>1</enabled>
  842.         <frequency>0</frequency>
  843.         <groupName>Performance Traps</groupName>
  844.         <name>Symbol 3021 RF Interference</name>
  845.         <class>Performance</class>
  846.         <summary>Symbol 3021 RF Interference</summary>
  847.         <description><![CDATA[ <p>This alarm indicates that the AccessPoint experiences RF interference. This might be due to channel collision between neighboring AccessPoints.</p>]]></description>
  848.         <action><![CDATA[Move neighboring AccessPoints to different channels.]]></action>
  849.         <customprotect>1</customprotect>
  850.         <alarmsbypoll>0</alarmsbypoll>
  851.         <pollingname></pollingname>
  852.         <isthreshold>0</isthreshold>
  853.     </expert>
  854.  
  855.     
  856.     <expert>
  857.         <id>8010</id>
  858.         <severity>3</severity>
  859.         <enabled>1</enabled>
  860.         <frequency>0</frequency>
  861.         <groupName>Traps</groupName>
  862.         <name>Symbol 3021 Max Associations</name>
  863.         <class>Vulnerability</class>
  864.         <summary>Symbol 3021 Max Associations</summary>
  865.         <description><![CDATA[ <p>This alarm indicates that the access point has reached the maximum number of associations. Any new association beyond this limit will be dropped the AccessPoint.</p>]]></description>
  866.         <action><![CDATA[Add more access points if this place is thickly populated by mobile clients.]]></action>
  867.         <customprotect>1</customprotect>
  868.         <alarmsbypoll>0</alarmsbypoll>
  869.         <pollingname></pollingname>
  870.         <isthreshold>0</isthreshold>
  871.     </expert>
  872.  
  873.  
  874.     <expert>
  875.         <id>8011</id>
  876.         <severity>3</severity>
  877.         <enabled>1</enabled>
  878.         <frequency>0</frequency>
  879.         <groupName>Performance Traps</groupName>
  880.         <name>Proxim RF Interference</name>
  881.         <class>Performance</class>
  882.         <summary>Proxim RF Interference</summary>
  883.         <description><![CDATA[ <p>This alarm indicates that the AccessPoint experiences RF interference. This might be due to channel collision between neighboring AccessPoints.</p>]]></description>
  884.         <action><![CDATA[Move neighboring AccessPoints to different channels.]]></action>
  885.         <customprotect>1</customprotect>
  886.         <alarmsbypoll>0</alarmsbypoll>
  887.         <pollingname></pollingname>
  888.         <isthreshold>0</isthreshold>
  889.     </expert>
  890.  
  891.  
  892.     <expert>
  893.         <id>8012</id>
  894.         <severity>3</severity>
  895.         <enabled>1</enabled>
  896.         <frequency>0</frequency>
  897.         <groupName>Traps</groupName>
  898.         <name>Proxim No Authentication</name>
  899.         <class>Vulnerability</class>
  900.         <summary>Proxim No Authentication</summary>
  901.         <description><![CDATA[ <p>This alarm indicates that the AccessPoint serves Mobile Clients without authenticating them.  This is a serious security threat.</p>]]></description>
  902.         <action><![CDATA[Enable Authentication in the AccessPoint]]></action>
  903.         <customprotect>1</customprotect>
  904.         <alarmsbypoll>0</alarmsbypoll>
  905.         <pollingname></pollingname>
  906.         <isthreshold>0</isthreshold>
  907.     </expert>
  908.  
  909.  
  910.     <expert>
  911.         <id>8013</id>
  912.         <severity>3</severity>
  913.         <enabled>1</enabled>
  914.         <frequency>0</frequency>
  915.         <groupName>Traps</groupName>
  916.         <name>Proxim Invalid Encryption</name>
  917.         <class>Vulnerability</class>
  918.         <summary>Proxim Invalid Encryption</summary>
  919.         <description><![CDATA[ <p>This alarm indicates that a mobile client tried to connect to this AccessPoint using an invalid encryption key. This might be an attack.</p>]]></description>
  920.         <action><![CDATA[Check whether the mobile client is genuine.]]></action>
  921.         <customprotect>1</customprotect>
  922.         <alarmsbypoll>0</alarmsbypoll>
  923.         <pollingname></pollingname>
  924.         <isthreshold>0</isthreshold>
  925.     </expert>
  926.  
  927.     
  928.     <expert>
  929.         <id>8014</id>
  930.         <severity>3</severity>
  931.         <enabled>1</enabled>
  932.         <frequency>0</frequency>
  933.         <groupName>Traps</groupName>
  934.         <name>Proxim Authentication Failure</name>
  935.         <class>Vulnerability</class>
  936.         <summary>Proxim Authentication Failure</summary>
  937.         <description><![CDATA[ <p>This alarm indicates that a mobile client failed to authenticate with the access point. This might be a rogue client or an attack.</p>]]></description>
  938.         <action><![CDATA[Check whether the mobile client is genuine.]]></action>
  939.         <customprotect>1</customprotect>
  940.         <alarmsbypoll>0</alarmsbypoll>
  941.         <pollingname></pollingname>
  942.         <isthreshold>0</isthreshold>
  943.     </expert>
  944.  
  945.  
  946.     <!-- Associated Clients id=7124 -->    
  947.     <expert>
  948.         <id>7124</id>
  949.         <severity>1</severity>
  950.         <enabled>1</enabled>
  951.         <frequency>0</frequency>
  952.         <name>Associated Clients</name>
  953.         <class>Operational</class>
  954.         <summary>Associated Clients</summary>
  955.         <description><![CDATA[ <p>This alert is generated when the number of associated mobile users on an access point exceeds the specified threshold limit </p>]]></description>
  956.         <message>Number of associated Mobile Users Exceeded.</message>
  957.         <action><![CDATA[ <p>Check whether clients connected to the AccessPoint are genuine. If yes, add more AccessPoints to serve clients.</p>]]></action>
  958.         <customprotect>1</customprotect>
  959.         <alarmsbypoll>1</alarmsbypoll>
  960.         <pollingname>WLANAPAssociationPoll</pollingname>
  961.         <isthreshold>1</isthreshold>
  962.         <thresholdtype>INTEGER</thresholdtype>
  963.         <thresholdname>WLANAPAssociationPoll</thresholdname>
  964.         <thresholdvalue>20</thresholdvalue>
  965.         <clearmsg>Number of associated Mobile Users Normal.</clearmsg>    
  966.     </expert>
  967.     <!-- Associated Clients ends here    -->
  968.  
  969.  
  970.     <!-- $Id: WLANCustomExpert.xml,v 1.58 2006/12/06 11:55:44 elumalais Exp $ -->
  971.  
  972.     <expert>
  973.         <id>4012</id>
  974.         <enabled>1</enabled>
  975.         <name>Rogue MobileUnit Detected</name>
  976.         <severity>2</severity>
  977.         <class>Intrusion</class>
  978.         <frequency>1</frequency>
  979.         <summary>Mobile Unit  with unauthorized MacAddress/Vendor detected</summary>
  980.         <alerttemplate></alerttemplate>
  981.         <description><![CDATA[<p>Client with unauthorized MAC address/Vendor detected. WLAN Administrators can import the list of authorized MAC Address or vendors into WiFi Manager, if the MAC address of the discovered client is not in the authorized MAC list, or if the client device is from a vendor not authorized by the WLAN Administrator, the client is marked as rogue.  Sometimes this client device could also be a new device the MAC Address of which is still not updated in the authorized MAC list. </p>]]></description>
  982.         <detailsurl> <![CDATA[/fault/ShowAlarmDetails.do?uri=/webclient/fault/html/Intrusion-Rogue-Client-detection.html]]></detailsurl>
  983.         <action><![CDATA[<p>Add the MAC to authorized MAC list if the client is legitimate. Marking the client as trusted, from WiFi Manager inventory page, will automatically add the (MAC Address,Vendor) to the authorized list. If it is not a legitimate client, remove it physically or block it from the network by adding its MAC to the blocked list of all the AccessPoint's Access Control List.
  984.         </p>]]></action>
  985.         <clearmsg>Mobile Client added to the trusted list.</clearmsg>
  986.     </expert>
  987.  
  988.  
  989.     <expert>
  990.         <id>4011</id>
  991.         <enabled>1</enabled>
  992.         <name>Rogue AccessPoint Detected</name>
  993.         <severity>2</severity>
  994.         <class>Intrusion</class>
  995.         <frequency>1</frequency>
  996.         <summary>AccessPoint with unauthorized MAC address/SSID/Channel/Vendor detected</summary>
  997.         <alerttemplate></alerttemplate>
  998.         <description><![CDATA[<p>A new access point with unauthorized MAC Address/SSID/Channel/Vendor detected. Possible reasons for this alarm are -
  999.                 <ul>
  1000.                     <li>Installation of a new, legitimate access point, which doesn't satisfy the criteria defined by WLAN Administrator to qualify as trusted."</li>
  1001.                     <li>Detection of an AccessPoint in neighboring premises that is not connected to your WLAN.</li>
  1002.                     <li>Accidental or intentional connection of a new rogue AccessPointi by an employee.</li>
  1003.                     <li>An AccessPoint run by an attacker masquerading as a real AccessPoint.</li>
  1004.         </ul></p>]]></description>
  1005.         <action><![CDATA[<p>Add the MAC to authorized MAC list if the AP is legitimate. Marking the AccessPoint as trusted will automatically add the MAC to the authorized list.Remove AccessPoint from the network using the block switch port option, if the AccessPoint is truly a rogue AccessPoint.
  1006.         </p>]]></action>
  1007.         <detailsurl> <![CDATA[/fault/ShowAlarmDetails.do?uri=/webclient/fault/html/Intrusion-Rogue-AP-detection.html]]></detailsurl>
  1008.         <clearmsg>Access point added to the trusted list.</clearmsg>
  1009.     </expert>
  1010.  
  1011.  
  1012. </expert-list>
  1013.