Reports

Applies To: Wi-Fi Cloud-managed Access Points (AP120, AP125, AP225W, AP320, AP322, AP325, AP327X, AP420) This topic applies to Wi-Fi 5 access points you manage in Wi-Fi Cloud (AP120, AP125, AP225W, AP320, AP322, AP325, AP327X, AP420).

With Discover you can generate predefined reports about your Wi-Fi networks.

You can generate and download these types of reports:

• Wi-Fi network device inventory
• WIPS security
• Alerts
• Compliance reports based on the Health Insurance Portability and Accountability Act (HIPAA), Sarbanes-Oxley (SOX), Gramm-Leach-Bliley (GLBA), Payment Card Industry (PCI) Standard, and many others.
• Visibility and association analytics data

Reports are available in HTML and XLSX formats. You can immediately generate instantaneous reports, schedule reports, and you can also archive the reports for future reference.

Schedule a Report

To schedule a report, click .

• Report Format — You can select HTML or XLSX format.
• Language — You can select English or Japanese.
• Frequency — Select a One Time or Recurring report. Select the date and time for a one time report, or the schedule for a recurring report.
• Report Data Range — Select a Fixed or Custom data range. Select the date and time range for your selection.
• Archival Setting — Select Auto Delete to automatically delete reports that are older than the specified number of days. Select Never Delete to keep all generated reports.
• Email — Type one or more email addresses that will receive the generated report. The email contains a link to the report and a zip file of the report data in JSON format. The report is available from the provided link for the specified period of time. If the link has expired, you can upload the report data attached to the message to view the report.

Click Schedule to schedule the report.

Generate an Instantaneous Report

To generate an instantaneous report, click .

An instantaneous report uses a fixed data range for the last 30 minutes.

• Report Format — Select HTML or XLSX format.
• Archive Report — Select Auto Delete to automatically delete reports on the date you specify. Select Never Delete to keep all generated reports.

Click Generate to generate your report.

Archived Reports

You can archive reports so that you can view them later.

To view archived reports, select Reports, then select the Archived tab.

When the report archival quota of a user is reached, no more reports can be archived unless you delete older reports. Right-click an archived report and select Change Auto Delete Settings to define the date when an archived report should be deleted, or you can disable auto-deletion for a report.

Scheduled Reports

To view a list of scheduled reports, select Reports, then select the Scheduled tab.

Report Types

You can select these report types:

• Inventory Reports
• Connectivity Reports
• WIPS Reports
• Compliance Reports
• Alerts Reports

Inventory Reports

Inventory reports contain a list of your Wi-Fi devices.

• WiFi Clients — This report provides a complete inventory of the Wi-Fi clients associated with managed access points.

• WiFi Access Points — This report provides a complete inventory of your managed Wi-Fi access points.
• WiFi Access Point Details — This report provides details of your managed Wi-Fi access points, including the active SSIDs for each radio, and wired-side details such as switch, port, and link speed.
• WiFi Tunnels — This report provides a complete inventory of the tunnels used in the network, including the type, status, and endpoints of the tunnel.

Connectivity Reports

Analytics data is available for both wireless clients that are visible to APs and wireless clients that associate with APs.

• Visibility analytics provide information about clients in the vicinity of APs.
• Association analytics provide information about the clients that connect to or associate with APs.

You can use the analytics data in several ways. For example, you can find the number of clients in and around the retail store with visibility analytics. Similarly, you can gain insight into the activity of the authorized clients, guest clients, and the SSIDs used by these clients with association analytics. With association and visibility analytics, you can establish network usage patterns, such as visitors to the store and the number of visitors in the store at various times of the day.

Visibility Analytics

To download visibility analytics:

1. Select the Visibility Analytics option.
2. Select the start and end date for the report.
3. Click Download.

The Visibility Analytics file contains this data:

• Client MAC address
• Client MAC addresses are hashed for security purposes.
• Location of the client
• Best received signal strength indication (RSSI)
• MAC address of the sensor reporting the best RSSI
• Client session duration
• Activity stop time (GMT)
• Activity stop time in the local time zone of the user
• Local time zone

For analytics data related to a location floor or folder, the data uses the local time zone set for the immediate parent location folder. If the time zone for the location folder is not set, this field shows the activity stop time based on the time zone.

A wireless client can be visible to multiple APs. The AP that reports the highest RSSI is recorded in the report.

Association Analytics

To download association analytics:

1. Select the Association Analytics option.
2. Select the start and end date for the report.
3. Click Download.

The Association Analytics file contains this data:

• Client MAC address
• Client MAC addresses are hashed for security purposes.
• Protocol
• SSID
• Location
• Association start time (GMT) of the client
• Association end time (GMT)
• Association start time of the client in the local time zone of the user
• Association end time of the client in the local time zone of the user
• Session duration
• Data transfer from the client device in bytes
• Data transfer to the client device in bytes
• Data rate in Kbps
• Smart device type
• Local time zone
• Location ID
• Domains accessed

Top domains appear in the Domains Accessed column of the file in this format:

<Domain name> (<data transferred to the domain>/<data received from the domain>).

The | symbol separates multiple domains.

To collect Internet domain information, in the Analytics tab of an SSID profile, select the Association analytics and Web Site URLs access by WiFi Users check box. If you disable these options, the Domains Accessed column will not show any data. For more information, see Configure SSID Settings.

WIPS Reports

Inventory

• WIPS Clients — This report provides a complete inventory of detected clients, including the WIPS classification of the client, the prevention status, and if the client is banned.
• WIPS Access Points — This report provides a complete inventory of APs detected by the system, including the WIPS classification of the AP, the reason why the AP violates a security policy, the prevention status, and the authentication mechanism used by the AP.
• Managed WiFi Device Inventory — This report provides a summary of all your managed Wi-Fi devices.

• WIPS Managed WiFi Devices — This report provides a complete inventory of managed Wi-Fi devices. Managed Wi-Fi devices include APs, sensors, AP-sensor combo devices, and network detectors.
• WIPS Networks — This report provides a complete inventory of the networks detected by the system, including the gateway MAC address and the network type.

Policies Enforcement

• Airspace Risk Assessment — This report is the first step towards a wireless vulnerability assessment of your network and managing its wireless security posture. The report gives you visibility into your airspace, such as the number and type of wireless devices in your environment, and records the presence of vulnerabilities and potential threats to your network. After you identify your authorized Wi-Fi devices, the Wireless Manager can classify vulnerabilities and threats more accurately in the future, and recommend the most suitable remedial actions to improve your wireless security posture.

• Wireless Vulnerability Assessment — This report is an assessment of the wireless security posture of your network. It lists the number and type of wireless devices detected in your environment, and records the presence of vulnerabilities and threats they pose to your network. Vulnerabilities are classified and ranked in terms of their severity and urgency of response.
• Security Status — This report provides the list of alerts that contributed to the security status of your network during the selected reporting period.
• Wireless Intrusion Prevention Summary — This report provides a summary of wireless intrusion prevention activities during the selected reporting period.
• Access Point Listing — This report provides the list of detected access points and their classification at the time of report generation.
• Detailed Client Listing — This report provides a complete inventory of all clients detected by the system. Information about clients is further split into various sections, based on client folders.
• WIPS Alerts — This report provides a list of security events detected by the system. Security events related to quarantine and DoS prevention activities are not included in this report.

Compliance Reports

Compliance reports are related to wireless security vulnerabilities, federal agencies, and other regulatory organizations.

• SOX Wireless Compliance — The Sarbanes-Oxley (SOX) Act of 2002 was passed by the US Congress as a comprehensive legislation to reform the accounting practices, financial disclosures, and corporate governance of public companies. SOX applied to all companies that are publicly traded in the United States and regulated by the Security and Exchange Commission (SEC).

• GLBA Wireless Compliance — The Gramm-Leach Biley Act (GLBA) of 1999 mandates that financial institutions protect the security and confidentiality of the personally identifiable financial information of their customers. Periodic generation and archive of this GLBA report establishes that your organization has safeguards to prevent financial data leakage through wireless.
• HIPAA Wireless Compliance — The Health Insurance Portability and Accountability Act (HIPAA) of 1996 by the Department of Health and Human Services (DHHS) mandates that healthcare organizations must safeguard the privacy and security of patient health information transmitted electronically.
• PCI DSS Wireless Compliance — Payment Card Industry Data Security Standard (PCI DSS) defines recommended security controls for protecting cardholder data. PCI DSS was defined by a consortium of credit card companies, including VISA and MasterCard. The requirements of the PCI standard apply to all members, merchants, and service providers that store, process, and transmit cardholder data.
• PCI DSS Wireless Compliance Internal Audit — PCI DSS Wireless Compliance Report is relevant for only those VLANs that process or store credit card data. These VLANs are commonly known as a cardholder data environment (CDE). Violations reported in the PCI DSS Wireless Compliance Report are based on wireless security incidents that occur on a CDE network.
• DoD Directive 8100.2 Compliance — The sections of this report list the wireless vulnerabilities detected in your network and the severity of security risk caused by these vulnerabilities.
• MITS Wireless Compliance — The Management of Information Technology Security (MITS) is an operational security standard established by Treasury Board of Canada Secretariat. This standard (established in 2004) defines baseline security requirements that Canadian federal departments must fulfill to ensure the security of information and information technology (IT) assets under their control. MITS seeks to protect the confidentiality, integrity, and availability of information and IT assets.

Alerts Reports

• Alerts System — This report provides details of the System alerts generated in the specified duration.
• Alerts WiFi — This report provides details of the Wi-Fi alerts generated in the specified duration.
• Alerts WIPS — This report provides details on the security-related alerts generated by the system. Security alerts related to quarantine and DoS prevention activities are not included in this report.