FAQs

NetCloud Manager

Summary

The Applications Tab within NCM allows you to purchase, try and manage applications within NCM.


 

Overview

The Applications tab will display all available applications.

You can purchase or try an application by selecting the appropriate button.

Once your account has the application entitled the Buy and Try buttons will be replaced by a Manage button.

User-added image

Clicking Try will create a trial entitlement for 10 devices.

Clicking Buy will bring up a tab for locating a partner to purchase the entitlement.

By clicking Manage you can Add or Remove devices. You can also determine which devices are entitled.

User-added image

To Add a device to an entitlement click the Add button. You will be presented with a dialog to select routers to add. You can locate devices with the Search field by Name or MAC or Product as needed. Place a checkmark next to the device(s) you wish to add to the entitlement and the press Save.

User-added image

To Remove devices from an entitlement, select the device(s) you wish to remove and then press Remove.

User-added image

In the right column you can find the following information:

  • Entitlement Details
    • Available: Remaining entitlements
    • Assigned: How many entitlements have been applied to devices
    • Non NCM Devices: Devices with this entitlement that are not in NCM
    • Total Allowed: Total number of entitlements purchased.
  • Buy More: Buy more entitlements
  • Features: What the entitlement offers
  • Requirements: Any requirements placed upon the entitlement
  • Support Products: Which Cradlepoint products will work with this application
  • Supported NetCloud OS Version: NCOS requirements for devices to use this entitlement

User-added image

Permalink


NETCloud Manager

The default NCM configuration generates the approximate data usage that is presented below. Protocol and carrier overhead can increase these values but these values do provide a generally good rule of thumb for data generated by use of NCM.

IMPORTANT: Things that could dramatically increase your data usage:

  1. Enabling logging, stats and alerting
  2. A high number of events being logged on the router
  3. Firmware upgrades pushed from NCM
  4. Modem disconnecting and reconnecting loops.

Routers managed through NCM:

  • By default, a Connection Pulse that are approximately 66 bytes is sent to NCM every 2 minutes.
    So 720 heartbeats/day x 66 bytes = 47520 bytes/day, 47520 bytes/day x 30 = 1,425,600 bytes/month (1.43 MB/month).
  • By default Usage Reporting that are approximately 10-20KB per report (depending on how many WAN devices are utilized on the Cradlepoint router) are sent to NCM every hour.
    So 20 KB/hour x 24 = 480 KB/day; 480 KB/day x 30 = 14400 KB/month (.014 GB/month or 14 MB/month)
  • By default Log Reports that are approximately 100KB (depending on how many events are logged on the router) are sent to NCM every hour. These reports can vary in size dramatically depending on events that are logged on the router; client connects/disconnect, modem state, etc.
    So a minimum amount of data sent would be 100 KB/hour x 24 hours = 2400 KB/day; 2400 KB/day x 30 = 72000 KB/month (.069 GB/month or 69 MB/month).

Routers not managed through NCM:

  • Every time the router is powered on it sends a 50 byte heartbeat to the NCM Server and then sends a heartbeat every 86400 seconds, (once per day).
    So the volume of data generated is approximately 50 bytes/day x 30 days = 1500 bytes/month (.0000014 GB/month or .0014 MB/month).

(The timers above can be adjusted higher or lower, depending on your data caps).


Advanced Failure Check

A ping packet is 64 bytes of data. If Advanced Failure Check set to an Idle Check Interval to 3600 (1 ping per hour) would generate 64 bytes/hour x 24 hours = 1536 bytes/day.
Then 1536 bytes/day x 30 days = 46080 bytes/month (.000042 GB/month or .042 MB/month).

NOTE: Increasing the time interval on NCM check in or Advanced Failure Check will cause data generation to increase.

Permalink


Summary

This article describes how to set up alerts, export reports, and export logs from NetCloud Manager (NCM).

NOTE: On July 13, 2017, NetCloud Alerts currently generated from the legacy Enterprise Cloud Manager (ECM) will be updated with the name change to NetCloud Manager (NCM). Automated systems that consume this information may need to be updated accordingly.
Email and API Alert changes include:

  • Alert titles will change from “Cradlepoint ECM Alert Notification” to “Cradlepoint NCM Alert Notification”
  • Alert subjects will change from “ECM Alert: <friendly info>” to “NCM Alert: <friendly info>”
  • Emailed Alert summary report subject will change from “ECM Alert Summary” to “NCM Alert Summary”
  • Connection State Alert name will change from “ECM Connection State” to “NCM Connection State”
  • Firmware Upgrade alert name will change from “Firmware Upgrade” to “NetCloud OS Upgrade” with an alert description changing to “The router NetCloud OS was successfully upgraded to X.X.X”

Setting Up Alerts

The Alerts page has two views for tracking device status changes:

  • The Log view shows a list of alerts sent from the routers to NCM.
  • The Settings view shows rules for alerts, including email notifications.

Toggle between these two views by clicking on the buttons at the top left.

User-added image

Alerts are of the following types (see Definitions below):

  • Configuration Change
  • Configuration Rejected
  • Configuration Unacknowledged
  • Ethernet WAN Disconnected
  • Ethernet WAN Plugged In
  • Ethernet WAN Unplugged
  • Data Cap Threshold
  • Device Location Unknown
  • NCM Connection State
  • Firmware Upgrade
  • Geofence Proximity Change
  • Reboot
  • Temperature Limit Exceeded
  • Modem WAN Connected
  • Modem WAN Device Plugged In
  • Modem WAN Device Unplugged
  • Modem WAN Disconnected
  • WAN Service Type
  • Account Locked
  • Failed Login Attempt
  • Intrusion Activity
  • IP Address Banned
  • IPS Engine Failure
  • Successful Login
  • Unrecognized Client
  • WiFi as WAN Connected
  • WiFi as WAN Disconnected
  • WiFi as WAN Network Available
  • WiFi as WAN Network Unavailable

To enable alerts, including emailed notifications, first select the Settings view and then click on Add at the top left. Create an alert notification rule by completing the fields.

User-added image

Complete the following fields to create an alert notification rule:

  • Accounts/Groups (required) – Choose which sets of devices will follow the notification rule. If you select an account, both grouped and ungrouped devices within that account (including all subaccounts) will be assigned to this rule.
  • Alerts (required) – Select the alert types from the dropdown options.
  • Users (optional) – If you want emailed notifications for these alerts, select users from the list to receive those emails. If you just want these alerts logged, leave this field blank.
  • Interval (optional) – Select a time interval from the dropdown options. If you select “Immediately,” an email notification is sent every time one of the selected types of alerts are logged. Otherwise, the alerts are stored over the course of the time interval and then sent together.

Potential NCM Alert Issues

  • Receiving the Email Alert seem to take longer than expected.
    • Once NCM is aware of the alert, it will verify the alert, and send it out to the configured email address. We do not have control over the alert once we have sent it to its destination address.
      • We have seen some mail servers reject, or display abnormally long delays in the alert deliveries.
        • To trouble shoot/verify if this is the issue, configure a different email address with a different domain and test the behavior of the alerts.
  • Times can also vary depending on the number and type of WAN connections being used for this device.
    • If a device only has one internet source, only one connection to NCM, then you can expect delays in the alerts. The alerts are configured in NCM, then NCM lets the router know what to watch for. If the router experiences any issue pertaining to the configured alerts, the router will then report this back to NCM. However the caveat is if the router loses its internet source or connection to NCM, then the router cannot report the issues to NCM until it regains its connection to NCM.
    • In cases where you have more than one internet connection the alerts should be fairly on queue, so long as the router can check into NCM via its second internet connection to report its alerts.

Exporting Reports

Reports allow you to create a summary of information about groups of devices and export that information as a CSV file. Select from several fields to customize your reports. Select the type of report (Data Usage or Signal Quality), a range of dates, the group(s), and identifying fields and then click Run Report to view the report. You also have the option to save the settings of a report for future use.

1366IMG24.png


Exporting Logs

To export a device’s logs as a CSV file, first enable log reporting for the group the device is in. (This is disabled by default because some users won’t use this functionality – it would unnecessarily use data.) Navigate to the Groups page, select the desired group, and click on Settings.

User-added image

In the popup window that appears, ensure that Enable Log Reporting is selected.

User-added image

Once log reporting is enabled, navigate to the Devices page, select the desired device, and click on Export → Export Logs to export the device’s logs as a CSV file.

User-added image


Alert Definitions

  • Account Locked – If Advanced Security Mode is turned on for a device, the account will lock for 30 minutes after six failed attempts to log into the device. To enable this setting, open the configuration pages in Groups or Devices and go to System Settings → Administration. Open the Router Security tab and select Advanced Security Mode.
  • Configuration Change – This displays when there has been a local configuration change. Sample alert: The device configuration has changed.
  • Configuration Rejected – A configuration change that was sent to the device has been rejected.
  • Configuration Unacknowledged – A configuration change that was sent to the device was not acknowledged by the device.
  • Data Cap Threshold – If you have a data cap threshold set, this sends an alert when the threshold is reached. A data cap threshold must be configured under Internet → Data Usage. Sample alert: The (Internal LTE/EVDO Port:int1) rule exceeded 100 percent of its 150 MB daily cycle.
  • Device Location Unknown – Displays when no location has been reported for 24 hours if the device has GPS enabled. If a manual location is being used the alert will not be generated.
  • NCM Connection State – Displays when the device loses or regains its connection to NCM. Sample alert: The device entered the “online” state.
  • Ethernet WAN Connected – An Ethernet WAN device is now active.
  • Ethernet WAN Disconnected – An Ethernet WAN device is no longer active.
  • Ethernet WAN Plugged In – An Ethernet WAN device is now attached.
  • Ethernet WAN Unplugged – An Ethernet WAN device has been removed.
  • Failed Login Attempt – Someone attempted to log into the device administration pages locally and failed. Sample alert: An attempt to log in as the admin user from 192.168.0.142 has failed.
  • NetCloud OS Upgrade – The device NetCloud OS has been upgraded.
  • Geo-fence Proximity Change – Displays whenever the device enters or exits the specified geo-fence.
  • GPIO State Change – A device GPIO pin has changed state. To update the GPIO configuration, open the configuration pages in Groups or Devices, select the System → GPIO Configuration tab. Requires at least 6.0.2 NetCloud OS.
  • Intrusion Activity – This is only relevant for devices with CP Secure Threat Management. Whenever the Threat Management deep packet inspection engine detects an intrusion, the event is recorded in the logs. These events are grouped together for 15 minutes and then reported in NCM, so even if you select “Immediately” in the Interval field below, an emailed alert might not arrive for approximately 15 minutes after an intrusion. Intrusion Activity alerts include the intrusion details and the action taken by the engine (e.g., “Blocked”). To edit Threat Management settings, open the configuration pages in Groups or Devices and select Network Settings → Threat Management. For more information about Threat Management, visit the Knowledge Base article.
  • IP Address Banned – If the Ban IP Address setting is turned on for a device and someone from a particular IP address attempts and fails to log into the device administration pages six times, that IP address will be banned for 30 minutes. To enable this setting, open the configuration pages in Groups or Devices and go to System Settings → Administration. Open the Router Security tab and click on Advanced Security Mode. Select the Ban IP Address option.
  • IPS Engine Failure – This is only relevant for devices with CP Secure Threat Management. In the unlikely event that the Threat Management engine fails, an alert is logged. You can set the router to either allow or deny traffic with a failed engine: to edit this setting, open the configuration pages in Groups or Devices and select Network Settings → Threat Management. For more information about Threat Management, visit the Knowledge Base article.
  • IPSec Tunnel Down – An IPSec tunnel that was successfully connected has gone down.
  • Modem WAN Connected – A modem WAN device is now active.
  • Modem WAN Device Plugged In – A modem WAN device is now attached.
  • Modem WAN Device Unplugged – A modem WAN device has been removed.
  • Modem WAN Disconnected – A modem WAN device is no longer active.
  • Modem WAN Standby – A modem WAN device is now in standby. This means the modem is connected to the carrier, but is not sending any data. A modem in standby will failover faster than a modem not in standby. Standby can be turned on in the router’s configuration in the Connection Manager grid.
  • Reboot – Displays when the device has been rebooted. Sample alert: The device has been rebooted.
  • Rogue Access Point Detected – Displays after running a WiFi site survey when a rogue access point not marked as known is detected broadcasting the same SSID as the device running the site survey. This helps identify potential access point hijacking, evil twin, and man-in-the-middle WiFi attacks.
  • Router App Custom Alert – A custom alert that is generated by the custom code inside a router app.
  • Router App Execution State Changed – A router app that is running on a group goes into a different execution state (start, stop, error, etc).
  • Unexpected Router App Installed – An unexpected router app is found installed, an expected router app is unexpectedly uninstalled, or a router app unknown to the system is found installed.
  • Successful Login – A user has logged into the router locally (requires at least NetCloud OS 5.0.1).
  • Temperature Limit Exceeded – For products with an internal temperature sensor (COR IBR1100 and IBR1150) and configured temperature limits, this alert displays when one of those limits is reached. To set these temperature limits for the COR IBR1100 Series, open the configuration pages in Groups or Devices, select System Settings → Administration, and click on the Temperature tab.
  • Unrecognized Client – A client with an unrecognized MAC address has attempted to connect to the device. MAC logging must be enabled for this alert to display. In the configuration pages, go to: Network Settings → MAC Filter / Logging to enable MAC logging.
  • WAN Service Type – A WAN device has changed its service type, such as switching from 3G to 4G. Possible service types include: DHCP, LTE, HSPA+, etc. Sample alert: The lte-2ae6ec8e service type has changed to LTE.
  • WiFi as WAN Connected – WiFi as WAN is now active.
  • WiFi as WAN Disconnected – WiFi as WAN is no longer active.
  • WiFi as WAN Network Available – A WiFi as WAN network is now attached.
  • WiFi as WAN Network Unavailable – A WiFi as WAN network has been removed.
  • Zscaler TLS Tunnel State – This displays the state of the Zscaler TLS tunnel when using Zscaler Internet Security in TLS Tunnel mode. If there is a connection error more information can be found in the router’s system log.

Permalink


For customers with NetCloud Manager (NCM), there are three main ways to edit a device’s configuration: in NCM, through Group and Device configurations, and locally, through the router’s own administrative page.

  • NCM Group configuration has the lowest priority.
  • NCOS Local configuration has high priority.
  • NCM Device configuration has the highest priority.

The router’s default configuration is used as a basis for comparison for configuration files. It is overwritten by any custom local configurations or NCM configurations.

The Group configuration in NCM is overwritten by both the custom Local router configuration and the Device configuration in NCM.

The NCM Device and Local router configurations are synonymous in most cases. When making a configuration change at the local level, the changes will then sync with the NCM Device level, and vice versa. The two scenarios where the NCM Device level configuration will override Local changes are:

  • when conflicting changes are made at both the Local and NCM Device level while the device is offline. Once brought online and checks into NCM, the NCM Device level changes will have priority.
  • when a new change is made locally while the NCM Device level configuration is still syncing the previous change. The new change will be overwritten by the last NCM Device level configuration once the sync completes.

In general, the preferred method for managing devices that are registered in NCM is through the Group configuration. If there are more specific settings needed for individual devices, use the Device configuration in NCM. For example, it is possible to make the administration password standard for an entire group, and then create individual SSIDs for each device – both through NCM.

Troubleshooting

If most of the devices in a group are functioning as intended, but one member of the group is not behaving the same as the others, there may be a device level configuration that is overriding the group configuration. To remove the Device configuration and keep the Group configuration, log in to NetCloud Manager, select the Devices tab, highlight your router, click Configuration and select Clear

Clear Device configuration


 

Determining where a router gets its configuration

The individual config symbol found on the NCM Devices page indicates that the router is running a non-default configuration. The same symbol, when found on the NCM Groups pages tells us that the group contains one more routers that are running configuration settings that do not match the router default or the group configuration. (Tip: clicking the individual config symbol on the Groups page will automatically display all routers with unique configurations.)

The Configuration Summary option in NCM displays a color-coded output of the router’s configuration. The target configuration displays the total sum of the different configurations the router is running:

  • settings in purple are pulled from the Group configuration in NCM
  • settings in green are pulled from the Device configuration in NCM
  • settings in grey exist only on the router’s local configuration file, and are not synced to the Device configuration in NCM (possibly because the config sync was suspended, or the router went offline before syncing)

User-added image


 

Resetting a Router Managed in NetCloud

If you factory reset a device that is managed by NetCloud Manager, the Cradlepoint will automatically connect to the internet, check back in with NetCloud Manager and re-apply the Group and Device configuration stored in NetCloud. To get the device to a factory default state, the NetCloud Device and Group configuration need to be removed from the device.

To factory reset a device that is in NetCloud Manager, do the following first before trying a software or hardware reset, otherwise, it will be reverted to its previous configuration.

Step 1: Log in to Netcloud Manager. Open the Devices tab and select your Cradlepoint Router.
Step 2: If the device is in a group: highlight the router, click “Move”, select the parent account, and click “Ok”.

Highlight your router and select "move"
Select the root account and click "ok"

Step 3: Once the device is removed from the group, highlight your router, click “Configuration” and select “Clear”.

Highlight your router, click "Configuration" and select "Clear"

Step 4: Once the router has been removed from its group and the device level configuration has been cleared, you can factory reset by clicking “Commands” and selecting “Restore to Defaults”. You may also use the hardware reset button or System > System Control > Device Options > Factory Reset Router in the local web interface.

Highlight your router, click "Configuration" and select "Clear"

Permalink


NetCloud Manager: Traffic Analytics

The following products do not support Traffic analytics:

  • Series 2 Devices
  • CBA850
  • CBA750B
  • CBA400
  • CBA450
  • MBR1200B
  • MBR1400
  • IBR350
  • IBR1100
  • IBR1150
  • IBR600B
  • IBR650B
  • IBR600
  • IBR650

Click here to identify your router.


Quick Links

Summary

Configuration

Troubleshooting

Related Articles


Summary

This article is intended to guide the user through navigating, configuring, and understanding the NetCloud Manager Traffic Analytics feature.

Enabling the Traffic Analytics feature requires NCM Enterprise.  To learn more about NCM Enterprise, including setting up a demo, please visit Network Management & Applications .


Configuration

Enabling Traffic Analytics Difficulty: Beginner

Traffic analytics can be enabled through NCM under the account dashboard or in the device dashboard after selecting specific device.

To enable Traffic Analytics, follow the directions listed below.

Step 1: Log into your NCM account
Step 2: If your router is not already registered to NCM, refer to this article for help registering your device to NCM.  Otherwise, skip to the next step.

User-added image

Step 3: Click on the Dashboard tab.
Step 4: Click on Traffic tab underneath the Dashboard menu.
Step 5: Click on the Settings button.
User-added image
Step 6: Find the device you wish to enable Traffic Analytics on on (either through the list or through the search bar) and check the associated box.
Step 7: Click on the Enable button above the top of the devices table, and then click on “Client and Traffic”.
User-added image
Step 8: The prompt will ask if you are sure you wish to enable the feature, select Yes.

Note: After enabling Traffic Analytics for a device it will take 24 hours to start showing reported data.

Note: The same process can be completed through the device dashboard by clicking the same Traffic menu button.

Dashboard vs Device Level

Traffic Analytics can be found under both the account dashboard and the device dashboard.
User-added image

Account Traffic Analytics can be viewed by clicking on the Dashboard button and clicking on the Traffic button under the account dashboard menu.
User-added image

Device Traffic Analytics can be viewed by clicking on the Devices button, selecting the desired device from the list, and clicking on the Traffic button under the devices dashboard menu.
Both Client Data Analytics pages will present the same information, but the device level will only present information on clients connected to that particular device.

Adjust Data Range and Category Difficulty: Beginner 

The Traffic Analytics page has settings to specify the desired data range time period, the category of traffic to present on the page and data source information.  This can help present only the relevent information desired for a particular user.  To change these settings follow the directions listed below:

Step 1: Log into your NCM account.
User-added image
Step 2: Access the Traffic Analytics page through the account or device dashboard
User-added image
Step 3: To change the data range, click on the Data Range field and select from YesterdayLast 7 DaysLast 15 DaysLast 30 Days, or Custom Range to specify a broader date range.
User-added image
Step 4: To change the data source, click on the Data Source field and select from AllEthernet, WiFi, or Unknown to specify what types of client data types you want to have displayed.
User-added image
Step 5: You see which categories of data and applications are using what percentage of the total data used by scrolling down to the Top Categories and Top Applications sections.
User-added image
Step 6: You can view what percentage of your data is being used by which category and which application by scrolling down to the Percent of Total Usage and Data Usage by Day sections.
User-added image
Step 7: Filter the type of data displayed by category by clicking on the drop down menu for Category.
User-added image
Step 8: Filter the type of data displayed by application by clicking on the drop down menu for Application.
User-added image
Step 9: The last section of the page shows Data Usage by Category, Application, RouterClient, or Day.  Select one of these filters to view specific data usage numbers such as total data usage, download and upload data for the selected filter.

Troubleshooting

  • No traffic statistics displayed

If you are viewing the Traffic Analytics page on the Dashboard and there is nothing displayed, please check the following:

Traffic Analytics may not have enabled for the device.
The device might have been added recently (within 24 hours) and does not yet have data to display.

  • “Not Available” displayed in app category field

    Traffic category/application may result in “Not Available” when the application engine cannot categorize the traffic.  This may be caused if:

1. Application is not one of the applications identified by the engine; including any home-grown applications

2. Traffic is tunneled/encrypted not allowing the engine to inspect the application

 

Permalink


Summary

The NetCloud Manager Dashboard gives an analytics overview of your devices, particularly your WAN interfaces, using charts and tables. Data is displayed for the last 30 days.


Dashboard Sub-tabs

The dashboard contains the following sub-tabs:

  • Home – displays views of the following:
    • Routers/APs Online
    • Routers/APs Offline
    • Routers/APs Initialized
    • Total (devices)
    • Ethernet WAN Data Usage
    • Modem Data Usage
    • WiFi as WAN Data Usage
    • Connected Modem Count by Home Carrier
    • Connected Modem Count by Service Type
    • Device Count by Product
    • WAN Data Usage by Day
    • Group Status Overview
    • Alerts by Type
    • Modem Devices over 1 GB
  • GeoView – displays a map with the physical locations of the devices in an account which have location services enabled.
  • Uptime – displays uptime views for the following:
    • Total WAN Uptime
    • Daily WAN Uptime
    • Group Uptime
    • Router Uptime
  • Modem Usage – displays modem usage views by the following categories:
    • Connected Modem Count by Home Carrier
    • Data Usage by Carrier
    • Carrier Data Usage by Day (within billing period)
    • Carrier Data Usage Forecast
    • Group Data Usage by Carrier
    • Device Data Usage by Carrier
  • Clients – displays views of client usage by the following:
    • Client Source
    • Clients Connected by Day
    • Average Clients Per Day
    • Total Number of Clients
    • Average Usage Per Client
    • Average Download Per Client
    • Average Upload Per Client
    • Top 10 Clients
    • All Clients
  • Traffic – displays views of traffic data by the following categories:
    • Top Categories
    • Top Applications
    • Percentage of Total Usage
    • Data Usage by Day
    • Average Usage Per Day
    • Average Download Per Day
    • Average Upload Per Day
    • Data Usage by
      • Category
      • Application
      • Router
      • Client
      • Day

 


Hints for using the Dashboard

 

  • Modems without an active connection (e.g., modems that are set for failover) may not always show the carrier or service type in the modem count charts.
  • Click on a group name in Group Status Overview to link to a list of that group’s devices displayed on the DEVICES page.
  • Click on an alert type in Alerts By Type to link to a list of alerts of that type displayed on the ALERTS & LOGS page.

 


WAN Data Usage by Day

 

  • A “day” is defined by a 24-hour period beginning at midnight UTC (Coordinated Universal Time). Depending on the device’s time zone, a “day” might begin at, e.g., 8:00 p.m. local time. (Compare your local time to current UTC.)
  • The data is summarized at the end of each 24-hour period, so today’s data will not appear in this chart until tomorrow, after that summary is completed.
  • Highlight a section of the graph to drill down to view data for just a few dates. Click the Reset zoom button to return to the 30-day view.
  • Click on a WAN type (e.g., “Ethernet”) to toggle its display.

Permalink


← FAQs