Titan Portal 8.1.0

Left Menu Bar

The left portion of the window displays the menu bar.

Field	Description
Configure	Display the Configure dashboard for the current device. You can configure settings such as network, security, WiFi, and steering.
Monitor	Display the Monitor dashboard. You can monitor network and security settings, view connected devices, and run an internet speed test.
Analytics	Access the following tools: Bandwidth dashboard Reporting dashboard Administration dashboard SD-WAN—Sites, Sites Map, Paths Security—Applications, Websites, Firewall, Threats System—Interfaces, Guest VNF, SNG Logs—Alarms, DHCP, Authentication, Firewall, CGNAT, DOS, IDP, Anti Virus, URL Filtering, IP Filtering, Traffic Monitoring, Web Monitoring, SSL Decryption, ADC, Guest VNF events, Packets Captures
Live Monitor	Display the Live Monitor dashboard to monitor the live status of devices connected to the Titan portal.
Trouble Shoot	Display the Troubleshooting dashboard to troubleshoot topics such as connecting to the internet or WiFi and accessing websites.
Inventory	Display the Inventory dashboard to view a list of devices configured on the system. You can view subscriptions and licenses, check the software version, turn service on and off, and manage actions such as deactivating devices, requesting device location, and managing subscriptions.
Users	Display the Users dashboard to view a list of users added to the system. The enterprise administrator can add new users and administrators, set user roles and privileges, and lock or unlock user accounts.

Bottom Menu Bar

The bottom portion of the window displays the bottom menu bar.

Field	Description
Device License	Click vCSG, CSG700, or CSG300 to display available license packages. Each icon displays the remaining number of available licenses.
Map View	Toggle to switch between honeycomb and map view.
Group	Toggle to group sites by location.
Filter	Click the  Filter icon to display the Visualizations window. Use the toggles to limit the display in honeycomb view, then click Apply.
Wrench	Click the  Wrench icon to edit the default configuration. See Default Configuration Values.

Honeycomb View

The Configure, Monitor, and Troubleshoot dashboards display sites in honeycomb format. Each honeycomb represents a site in the customer topology and displays a site name, location, and devices for that site.

Device icons appear as blue, gray, or gold squares that reflect the license type. HA sites display 2 device icons.

Map View 

Move the toggle at the bottom of the Configure or Monitor dashboards to the right to switch from honeycomb to map view.

Configure Corporate WiFi

To configure Corporate WiFi settings:

1. Click Configure in the left menu bar to open the Configure dashboard.
2. Hover over the device in the honeycomb and click Configure to open the site information window.
3. Click Next to open the Configuration > Network screen.
4. Click the Wi-Fi box to open the Network > Wireless Networks screen.
   
   
   The Network > Wireless Networks screen displays 2 WiFi radios. These are Corporate Wi-Fi, which uses an SSID of Titan-Corporate in this example, and Guest Wi-Fi, which uses an SSID of Titan-Guest.
    
5. Click the current SSID for Corporate Wi-Fi to open the Network > Wireless Networks > Edit Network screen.
6. Click the SSID and Passphrase fields to clear the current credentials, then enter new credentials. The WiFi SSID can be no more than 32 characters, and passwords must be between 8-25 characters. 
   
   
7. Choose a radio frequency from Dual Band, 2.4 GHz or 5 GHz.
8. The Channel selection for Dual Band is set to Auto and cannot be changed. For 2.4 GHz and 5 GHz, the channel selection can be Auto or a Channel number.
9. Click Add. This saves the change locally but does not save to the Titan cloud.
10. Click Save to save the changes to the Titan cloud.

To assign IP addresses to the corporate WiFi port, Wi-Fi-1, see Configure WiFi Ports.

Configure Guest WiFi 

To configure Guest WiFi settings:

1. Click Configure in the left menu bar to open the Configure dashboard.
2. Hover over the device in the honeycomb and click Configure to open the site information window.
3. Click Next to open the Configuration > Network screen.
4. Click the Wi-Fi box to open the Network > Wireless Networks screen.
5. Click Guest in the Network > Wireless Networks window to open the Edit Network screen.
   
   
6. Click in the SSID and Passphrase fields to clear the current credentials, then enter new credentials.
   Bandwidth Control is automatically set to Auto. Access Control specifies that guests accessing this Wi-Fi are restricted to use the Internet only; guests do not have access to the company VPN.
7. Click the LTE toggle to enable or disable the use of LTE access by WiFi guests.
   The radio channel is automatically set to Dual Band with a Channel Selection of Auto.
8. Choose the Dual Band, 2.4 GHz, or 5 GHz radio frequency.
   The Channel selection for Dual Band is set to Auto and cannot be changed. For 2.4 GHz and 5 GHz, the channel selection can be Auto or a Channel number.
9. Click Add. This saves the change locally but does not save to the Titan cloud.
10. Click Save to save the changes to the Titan cloud.

To configure IP addresses for the guest WiFi port, Wi-Fi-2, see Configure WiFi Ports.

Configure Ethernet Ports 

You can assign an IP address to an Ethernet port and configure DHCP addressing from the Ethernet Ports screen. The mapping from port number to LAN number varies based on the number of WAN ports.

To configure Ethernet ports on a LAN:

1. Hover over the device in the honeycomb and click Configure to open the site information window.
2. Click Next to open the Configuration > Network screen.
3. Click the LAN box to open the Network > LAN screen.
4. Click the Ethernet Ports box to open the Network > LAN > Ethernet Ports screen.
   
   
    
5. Click the drop-down menu to the right of Easy Quick Picks to view a list of available ports and their corresponding LAN numbers.
6. Select a LAN/port from the drop-down menu.
7. Configure the following settings on the page:

• VLAN tagging
• DHCP settings
• Name servers

Configure VLAN Tagging 

VLANs are used to enhance performance by reducing the need to send broadcasts and multicasts to unnecessary destinations. VLANs also ease network configuration by logically connecting devices without physically relocating those devices.

To configure VLAN tagging:

1. Click Configure in the left menu bar to open the Configure dashboard.
2. Hover over the device in the honeycomb and click Configure to open the site information window.
3. Click Next to open the Configuration > Network screen.
4. Click the LAN box to open the Network > LAN screen.
5. Click the Ethernet Ports box to open the Network > LAN > Ethernet Ports screen.
6. Select a port from the menu to the right of Easy Quick Picks. 
7. Click the VLAN Tagging toggle to turn on VLAN configuration options.
   
   
   
   Enter information for the following fields.
    

   Field	Description
   Label	Enter a name for the VLAN.
   VLAN ID	Enter the VLAN ID.
   IP Address/Mask	Enter a valid IP prefix and length. The length must be in /25 CIDR subnet mask notation, for example, 172.16.4.0/25.

   ​​​​​
8. Click Add VLAN to save the changes.
9. Click Save to save the configuration.

Configure DHCP Settings 

Titan devices include the Dynamic Host Configuration Protocol (DHCP) server and the DHCP relay-agent software. The DHCP server implementation assigns and manages IP addresses from specified address pools within the device to DHCP clients. The DHCP server can be configured to assign additional parameters, such as the IP address of the Domain Name System (DNS) server and the default device. You can also set the IP address of a DHCP server to which the DHCP relay agent forwards client requests.

To configure DHCP settings:

1. Hover over the device in the honeycomb and click Configure to open the site information window.
2. Click Next to open the Configuration > Network screen.
3. Click the LAN box to open the Network > LAN screen.
4. Click the Ethernet Ports box to open the Network > LAN > Ethernet Ports screen.
   
   
5. Select a port from the menu to the right of Quick Picks.
6. Click the DHCP Server checkbox to activate configuration fields on the screen.
   
   
7. Enter information for the following fields.
    

   Field	Description
   IP Subnet	Enter a valid IP prefix and length. The length must be /25 CIDR subnet mask notation, for example, 172.16.4.0/25.
   IP Start Range	Enter the IP address at the beginning of the DHCP address pool.
   IP End Range	Enter the IP address at the end of the DHCP address pool.
   Name Servers	By default, a primary and secondary DNS name server are configured automatically.

8. Click Save to save the settings.

DHCP Relay

1. Select the DHCP Relay option.
2. Enter the IP address of the DHCP relay agent. You can enter multiple IP addresses separated by a comma.
   
   

DHCP Client Options

You can configure DHCP Client Options on a per-LAN-interface and per-VLAN basis for Versa Titan sites. Available options are Option 43, Option 66, and Option 42, with corresponding support for Boolean, IPv4 address, String, and FQDN type fields.

To configure DHCP client options:

1. From the Network > LAN > Ethernet Ports window, click DHCP Client Options to open the DHCP Client Options window.
   
   
   
    
2. Enter information for the following fields.
    

   Field	Description
   Vendor ID (optional)	Enter vendor ID.
   Code	Enter DHCP option code. Valid options are 42 (NTP server), 43 (vendor specific), or 66 (TFTP server).
   Type	Enter data type of the value. These are the system-defined types: boolean fqdn ipv4-address string
   Value	Enter value for the chosen option code.

3. Click + DHCP Option to save the option to the DHCP screen. The new option displays on the screen.
   
   
4. Click the Trash icon to delete a DHCP option.
5. Click Save to save the changes to the Titan cloud before leaving the Ethernet Ports screen. 

LAN Static IP Route

To set a static route to a destination using a next-hop Address, click + Add Route to configure multiple static routes.

Configure WiFi Ports 

You can assign a range of IP addresses to each WiFi port. To configure WiFi radio settings, such as SSID, for these ports see Configure WiFi Radios.

To configure WiFi port settings:

1. Hover over the device in the honeycomb and click Configure to open the site information window.
2. Click Next to open the Configuration > Network screen.
3. Click the LAN box to open the Network > LAN screen.
4. Click the Wi-Fi Ports box to open the Network > LAN > Wi-Fi Ports screen.
   
   
5. Select a WiFi port from the menu to the right of Quick Picks. Wi-Fi-1 is the corporate WiFi port and Wi-Fi-2 is the guest WiFi port.
6. Click the DHCP checkbox.
7. Enter information for the following fields.
    

   Field	Description
   IP Subnet	Enter a valid IP prefix and length. The length must be /25 CIDR subnet mask notation, for example, 172.16.4.0/25.
   IP Start Range	Enter the IP address at the beginning of the DHCP address pool.
   IP End Range	Enter the IP address at the end of the DHCP address pool.
   Name Servers	By default, a primary and secondary DNS name server are configured automatically. To change values, click Manual then enter a valid primary and secondary value.

8. Click Save to save the settings.

Configure Port Forwarding 

NAT port forwarding, also called port mapping, redirects packets from one address and port number pair to another while the packets are traversing the Titan device. You configure port forwarding rules to allow incoming traffic to reach its destination in the LAN. You should configure WAN ports before configuring port forwarding. Only configured WAN interfaces are available in the Port Forwarding screen. Port forwarding is not enabled by default; you must configure a rule. When a rule is created, it is automatically enabled.

To configure a port forwarding rule:

1. Click Configure in the left menu bar to open the Configure dashboard. 
2. Hover over the device in the honeycomb and click Configure to open the site information window.
3. Click Next to open the Configuration > Network screen.
4. Click the LAN box to open the Network > LAN screen.
   
   
5. Click the Port Forwarding box to open the Network > LAN > Port Forwarding screen.
   
   
    
6. Click + Rule on the Network > LAN > Port Forwarding screen to display the Add Rule screen.
   
   
7. Enter information for the following fields.
    

   Field	Description
   Rule Name	Enter a name for the rule.
   Type	Choose the DNAT or SNAT technique for address translation.
   Interface	Choose a WAN interface from the drop-down menu. Only configured WAN interfaces are listed in the menu.
   Internal Port	Enter a port number. You can configure a single port number or a range of port numbers; for example, 100 or 100-150. The type of internal port you configure (single or range) must be the same as the type of external port.
   Internal IP	Enter an internal IP address or IP address range. The IP addresses must fall within the start and end IP address range of any of the LAN ports. The internal IP type (single or range) must be the same as the external IP type. Internal and external IP ranges must match for SNAT rules.
   External Port	Enter a port number. You can configure a single port number or a range of port numbers;  for example, 100 or 100-150. The type of external port you configure (single or range) must be the same as the type of internal port.
   External IP	Enter an external IP address or IP address range. The IP addresses must fall within the start and end IP address range of any of the LAN ports. The external IP type (single or range) must be the same as the internal IP type. Internal and external IP ranges must match for SNAT rules.
   Protocol	Select Any, TCP or UDP.

8. Click Add. This adds the rule to the screen but does not save to the Titan cloud.
   
   
    
9. Click Save to save the new rule to the Titan cloud.

To update a rule:

1. Click the rule name to edit the rule, or click X to delete the rule. 
2. Click Save to update the Titan cloud.

To delete all rules:

1. Click Easy Quick Picks. This deletes all port forwarding rules since the default configuration contains none.
2. Click OK in the pop-up window.
3. Click Save to update the Titan cloud.

Reserve an IP Address for a Device 

To permanently assign an IP address to a device, you can reserve specific addresses in the DHCP pool. To reserve an IP address for a device, you can either add a new device by creating a rule or click the Add Devices icon to add devices that are already connected.

To reserve a device IP address for a device:

1. Click Configure in the left menu bar to open the Configure dashboard. 
2. Hover over the device in the honeycomb and click Configure to open the site information window.
3. Click Next to open the Configuration > Network screen.
4. Click the LAN box to open the Network > LAN screen.
   
   
5. Click the Device IP Address Reservation box to open the Device IP Address Reservation screen.
   
   
    
6. Click + Rule to open the Device IP Address Reservation screen.
   
   
7. Configure settings for the following fields.
    

   Field	Description
   Rule Name	Enter a name for the rule.
   IP Address	Enter the IP address to reserve.
   MAC Address	Enter the MAC address of the device for which you are reserving the IP address.

8. Click Add to add the rule. This adds the rule to the screen but does not save to the Titan cloud.
   
    
    
9. Click Save to save the new rule to the Titan cloud.

To update a rule:

1. Click the rule name to edit the rule, or click X to delete the rule. 
2. Click Save to update the Titan cloud.

To delete all rules:

1. Click Easy Quick Picks. This deletes all IP address reservation rules since the default configuration contains none.
2. Click OK in the pop-up window.
3. Click Save to update the Titan cloud.

WAN Static IP Route

To configure a static IP route to a destination:

1. From the Network > WAN screen, click the Static IP Route tab to display the Static IP Route screen.
   
   
    
2. Enter information for the following fields.
    

   Field	Description
   Destination	Enter an IP address and mask in the Destination (IPv4/Mask) field
   Next-Hop Address	Click Address or IPsec next to Next-Hop Address, then enter one of the following: Next Hop (IPv4): Enter the next-hop address IPsec: Select an IPsec tunnel from the drop-down menu. To create an IPsec tunnel, see IPsec VPN.
   Redistribute	Click Redistribute to advertise the route to the VPN (SD-WAN).

3. Click + Add Route. This saves the entry to the Network WAN screen but not the Titan cloud. The new route displays on the screen.
   
   
    
4. Click Save to save the changes to the Titan cloud. 

IPsec VPN

You use the IPSEC VPN option to build an IPsec tunnel to other appliances or applications. Once saved, Titan Portal adds the tunnel name to the drop-down menus for WAN static IP routes, steering rules, and firewall rules. Tunnels use the preshared key (PSK) authentication type and are built using IKEv2. You can configure multiple tunnels by clicking + Add.

To configure an IPsec tunnel:

1. From the Network > WAN screen, click the IPsec VPN tab to display the IPsec VPN screen.
   
   
   
    
2. Enter information for the following fields.
    

   Field	Description
   Name	Enter IPsec tunnel name. Titan Portal adds the tunnel name to the IPsec drop-down menu in the Static IP Route screen.
   Redistribute	Click to redistribute the tunnel.
   Peer Type	Enter format for the peer value: hostname, fully qualified domain name (FQDN), or IP address.
   Peer Type Value	Enter peer value using the format selected in peer type.
   Local Auth
   Auth Type	Displays the Auth type (PSK).
   Identity Type	Enter format for the identity type value: hostname, FQDN, or IP address.
   Identity Type Value	Enter value in the format selected in identity type.
   Shared Key	Enter preshared key.
   Peer Auth
   Auth Type	Displays the Auth type (PSK).
   Identity Type	Enter format for the identity type value: hostname, FQDN, or IP address.
   Identity Type Value	Enter value in the format selected in identity type.
   Shared Key	Enter preshared key.
   Local Tunnel Address	Enter IP address of local tunnel interface in CIDR format.
   Gateway Tunnel Address	Enter IP address of peer.

3. Click +Add IPsec Profile. This saves the tunnel to the IPsec VPN screen but not the Titan cloud.
   
   
   
   Use the trash icon to delete a tunnel or the pencil icon to edit a tunnel. Click the  Eye icon to display tunnel details.
    
4. Click Save to save the changes to the Titan cloud. Once saved, Titan Portal adds the IPsec tunnel name to the drop-down menus for WAN static IP routes, steering rules, and firewall rules. See WAN Static IP Route, Manage Firewall Policies, SD-WAN Steering, and Internet Steering.

Configure PPPoE Settings

Point-to-Point Protocol over Ethernet (PPPoE) is used with DSL services in which individual users connect to a DSL modem over Ethernet. The PPPoE username and password configured on the WAN interface must match settings on the WAN server to be active; otherwise, PPPoE is inactive. You cannot remove or add a new PPPoE instance once a device has been deployed but you can edit the PPPoE username and password at any time.

When PPPoE is active, you can monitor status within the WAN interface from the Monitoring > Network screen. You can also perform a speed test and view steering options from the Speed Test and Steering screens.

Versa Titan supports xDSL interface on CSG355 and CSG365 appliances. You must upgrade these appliances to Versa Operating System^TM VOS^TM (VOS) Release 21.2.1 or later to get the xDSL option displayed in your Versa Titan Portal. GZTP and WiFi are not available for xDSL activation with static IP and PPPoE. Use Versable activation with mobile app to activate the device when xDSL with static IP and PPPoE is configured. You can configure and enable PPPoE only on WAN1 and WAN2 ports before you deploy the device. You use Titan Portal to configure and deploy xDSL device. Titan Mobile can be used only for xDSL device activation and monitoring the status.

To configure PPPoE:

1. Click Configure in the left menu bar to open the Configure dashboard.
2. Hover over the device in the honeycomb and click Configure to open the site information window.
3. Click Next to open the Configuration > Network screen.
4. Click the WAN icon and select the WAN interface.
5. Click the PPPOE tab and switch the PPPoE Status toggle to on.
   
   
    
6. Select an interface type.
   • Ethernet
   • xDSL
7. Select a multiplexing type:
   • LLC
   • VC-MUX
8. Choose an instance type from the drop-down list:
   • Internet Only—Traffic is directed to DIA only.
   • SD-WAN Only—Traffic is directed to the SD-WAN VPN only.
   • SD-WAN and Internet (DIA) Split Tunnel—VPN traffic is directed to the SD-WAN VPN. Internet traffic is directed to DIA.
9. Enter the username and password in the fields provided.
10. Enter the Service Name provided by DSL provider.
11. Enter the name of the access concentrator. The access concentrator name on both the client and the server must be the same to establish the PPPoE session.
12. Enter the virtual path identifier.
    Range: 0 through 256
13. Enter the Virtual channel identifier.
    Range: 32 through 65535; 0 through 31 are reserved
14. Enter the VLAN ID configured for the xDSL line.
15. Click Save to save the settings.

Configure LTE and APN Settings 

You can configure Long-Term Evolution (LTE) wireless broadband services on appliances that support LTE. LTE wireless functionality is useful when a branch does not have a wired connection to the internet.

An access point name (APN) establishes a connection to the gateway between the carrier's network and the internet. Your service provider may require specific setting for the connection, and you can enter these APN details manually.

To view LTE settings and update APN settings:

1. Click Configure in the left menu bar to open the Configure dashboard. 
2. Hover over the device in the honeycomb and click Configure to open the site information window.
3. Click Next to open the Configuration > Network screen.
4. Click the LTE box to open the Network : LTE Screen.
   
   
    
5. Use the drop-down menu to select an existing LTE interface, or select +LTE to add an additional interface (up to 4 total).
6. Switch the LTE interface on or off using the toggle.
7. Click a circuit role:
   • Primary—SD-WAN and direct DIA traffic are sent through the interface.
   • Hot Standby—When used as a hot-standby, you can create rules to steer traffic on the interface. Titan only sends DIA traffic to the interface if the primary interface is down.
   • Cold Standby—The interface is operationally down. No traffic flows on the interface until the primary interface is detected as down.
      
8. Switch the toggle to turn the LTE gateway configuration on or off. You must turn this feature on before the configuration is deployed.
9. Choose the type of tunnel using the Tunnel Selection drop-down list:
   • Globe icon—Internet only
   • Hub icon—VPN only
   • Combined Globe and Hub icon—VPN and Internet (DIA) Split Tunnel
     
     The network address and name servers are set to Auto and cannot be changed.
     
     APN is set to Auto by default.
     
     
      
10. Click Manual to display the APN screen.
    
    
     
11.  Enter information for the following fields.
     

    Field	Description
    APN	Enter access point name (APN) that you received from your service provider.
    PIN	For a USB modem that is locked with a PIN, enter PIN number.
    Username	Enter username provided by the service provider to use to access the wireless WAN. This username is used when a CDMA modem prompts for username.
    Password	Enter password provided by the service provider to access the wireless WAN. This password is used when a CDMA modem prompts for password. Click Show/Hide to view the new password.

12. Click Save to save the settings.
13. Verify the settings from the Monitoring screen any time you change between Manual or Auto.

Configure a URL Blacklist

Add websites to be blocked on the network so that users cannot access the sites. Add multiple websites by separating them with a comma.

To add URLs to a Blacklist:

1. Click Configure in the left menu bar to open the Configure dashboard. 
2. Hover over the device in the honeycomb and click Configure to open the site information window.
3. Click Next to open the Configuration > Network screen.
4. Click the Security tab. 
5. In the Security Profile Definition section, click Blacklisted URLs to open the Configuration > Security > Blacklisted URLs screen.
   
   
6. Enter a single URL or enter multiple URLs separated by a comma.
7. Click + Add URL to add URLs to the Blacklist.
8. Click Publish to save the settings.

To delete URLs from the list, click the X next to the URL.

Configure a URL Whitelist

Add websites allowed on the network, even if blocked by other settings. Add multiple websites by separating them with a comma.

To add URLs to the Whitelist:

1. Click Configure in the left menu bar to open the Configure dashboard. 
2. Hover over the device in the honeycomb and click Configure to open the site information window.
3. Click Next to open the Configuration > Network screen.
4. Click the Security tab. 
5. In the Security Profile Definition section, click Whitelisted URLs to open the Configuration > Security > Whitelisted URLs screen.
   
   
6. Enter a single URL or enter multiple URLs separated by a comma.
7. Click + Add URL to add URLs to the Whitelist.
8. Click Publish to save the settings.

To delete URLs from the list, click the X next to the URL.

Configure URL Categories

To set a category filter for types of URLs to allow or block:

1. Click Configure in the left menu bar to open the Configure dashboard. 
2. Hover over the device in the honeycomb and click Configure to open the site information window.
3. Click Next to open the Configuration > Network screen.
4. Click the Security tab. 
5. Click a Category level to open the configuration screen for that level:

• Low
• Standard
• Advanced
  
  ​​​​

8. Click to select the categories to Block or Alert & Confirm.
9. Click Publish to save the settings.

Configure IP Reputation Filtering

To set a reputation filter for types of URLs to allow or block:

1. Click Configure in the left menu bar to open the Configure dashboard. 
2. Hover over the device in the honeycomb and click Configure to open the site information window.
3. Click Next to open the Configuration > Network screen.
4. Click the Security tab. 
5. Click a Reputation level to open the configuration screen for that level:

• Low
• Standard
• Advanced
  ​​​​​​
  

9. Click to select the reputation level.
    

   Field	Description
   Red	Blocked
   Amber	Ask
   Blue	Allowed
   High Risk IP Addresses	Range: 01-20 There is a higher than average predictive risk that these IP addresses will deliver attacks to infrastructure or endpoints.
   Suspicious IP Addresses	Range: 21 - 40  There is a higher than average predictive risk that these IP addresses will deliver attacks to infrastructure or endpoints.
   Moderate Risk	Range: 41 - 60  These are generally benign IP addresses but have exhibited some potential risk characteristics. There is some predictive risk that these IP addresses will deliver attacks to infrastructure or endpoints.
   Low Risk	Range: 61 - 80 These are benign IP addresses are rarely exhibit some characteristics that expose infrastructure and endpoints to security risks. There is a low predictive risk of attack.
   Trustworthy	Range: 81-100 These are clean IP addresses that have not been tied to a security risk. There is a low predictive risk that infrastructure and endpoints will be exposed to attack.

10. Click Publish to save the settings.

Configure Antivirus Protection

To choose where to apply antivirus protection:

1. Click Configure in the left menu bar to open the Configure dashboard. 
2. Hover over the device in the honeycomb and click Configure to open the site information window.
3. Click Next to open the Configuration > Network screen.
4. Click the Security tab. 
5. Click an Antivirus level to complete the configuration:

• Low—Web Traffic
• Standard—Email Attachment
• Advanced—Web and Email Attachment

8. Click Publish to save the settings.

Configure the Intrusion Prevention System

To configure IPS:

1. Click Configure in the left menu bar to open the Configure dashboard. 
2. Hover over the device in the honeycomb and click Configure to open the site information window.
3. Click Next to open the Configuration > Network screen.
4. Click the Security tab. 
5. Click to choose an Intrusion Detection Protection level to open the configuration screen for that level:

• Low
• Standard
• Advanced

Field	Description
Choose Intrusion Detection Prevention Level	Click the toggle to set attack detection level. The following values are the default settings for the selected Intrusion Detection Protection level: Low—Client Protection. Loads all client-side attack detection. Standard—Standard Recommended Profile. Recommended profile for adequate security and performance. Advanced—All attack rules. Loads all attack signatures.
All Anomaly Rules	Load all the anomaly signatures.
All Attack Rules	Load all attack signatures. This is the default protection in the Advanced setting.
Client Protection	This profile loads all client-side attack detection.
Database Profile	Load the Oracle database server vulnerability signatures.
ICS Profile	Load the Industrial Control System (ICS) vulnerability signatures.
Linux OS Profile	Detect all attacks related to Linux OS.
MAC OS Profile	Detect all attacks related to MAC OS.
Malware Profile	Detect all antivirus attacks.
Server Protection	Detect server-side attacks.
Standard Recommended Profile	This profile is the one recommended by Versa for adequate security and performance.
Windows OS Profile	Detect attacks specific to Windows OS.

8. Click Publish to save the settings.

Create a Steering Rule

The actions available on the Real Time screen are identical to the Internet Steering, Business Critical, Default, and Low Priority screens. The examples below use the Real Time screen. 

To create a new rule:

1. From the Steering > SDWAN Steering screen, click Real Time to display the Real Time screen.
   
   
    
2. Click + Rule to display the STEERING > SDWAN Steering > Real Time > Rules > Add screen.
   
   
    
3. Enter information for the following fields.

   Field	Description
   Rule Name	Enter a name for the rule.
   Match Criteria	Click Protocol, Address, Hostname, or Application to add details for that criteria type. Match criteria details are listed below in the Match Criteria for Rules section.
   Scope
   Source Zone	Click the down arrow in the Please Select field. A pop-up window displays the configured interfaces and tunnels.  Choose a type: Untrust, Wired LAN, Wireless LAN, VPN, or an IPsec tunnel. To create a tunnel, see IPsec VPN.
   Arrow	Choose a  one-way or  two-way connection.
   Destination Zone	Click the down arrow in the Please Select field. A pop-up window displays the configured interfaces and tunnels.  Choose a type: Untrust, Wired LAN, Wireless LAN, VPN, or an IPsec tunnel. To create a tunnel, see IPsec VPN.
   Select Profile	Use the drop-down menu to select a profile. To create a new profile, see Create a Steering Profile.

4. Click Add. The rule is saved to the screen but not the Titan cloud.
5. Click Save to save the rule to the Titan cloud.

Create a Steering Rule for SASE Gateway 

Ensure that you create a profile before creating a rule. To create a new profile, see Create a Steering Profile for SASE Gateway. 

To add a new steering rule for SASE gateway:

1. Click Steering > SD-WAN Steering > Real Time to display the Real Time screen.
   
   
    
2. Click the  icon to add a new steering rule.
   
   
    
3. Configure settings on the screen:
   
   

Field	Description
Rule Name	Enter a name for the rule.
Match Criteria	There are 4 types of match criteria. Click Protocol, Address, Hostname, or Application to add details for a criteria type. See Match Criteria for Rules for match criteria details.
	Click the down arrow in the Please select drop-down list to select the protocol.
Scope
Source Zone	Click the down arrow in the Please Select drop-down list. A pop-up window displays the zones that classify the traffic flows coming to the gateway from various sources.  Select a source zone, and then click Continue. SD-WAN—Select for the traffic coming to the gateway over overlay tunnels from remote SD-WAN branches. Untrust (Internet)—Select for internet facing WAN interfaces. Secure Access—Select the ingress zone for the traffic coming from VSA clients.
Arrow	Choose a  one-way or  two-way connection.
Destination Zone	Click the down arrow in the Please Select drop-down list. A pop-up window displays the zones that classify the traffic flows coming to the gateway from various sources.   Select a destination zone, and then click Continue. SD-WAN—Select for the traffic coming to the gateway over overlay tunnels from remote SD-WAN branches. Untrust (Internet)—Select for internet facing WAN interfaces. Secure Access—Select the ingress zone for the traffic coming from VSA clients.
Select Profile	Use the drop-down list o select a profile. To create a new profile, see Create a Steering Profile.

10. Click Add. The rule is saved to the screen but not the Titan cloud.
11. Click Save to save the rule to the Titan cloud.

Match Criteria for Rules

You can use up to 4 types of match criteria in a rule: Protocol, Address, Hostname, or Application.

To specify match criteria:   

1. Protocol
   1. Click the Protocol tab to display the Protocol window.
      
      
   2. Click the FTP drop-down menu, then select a protocol. Titan Portal automatically populates the next field with common port numbers.
   3. If needed, click the port number field and edit the port number range.
       
2. Address
   1. Click the Address tab to display the Address window.
      
      
   2. If needed, click Source and enter a source IP address in CIDR format.
   3. If needed, click Destination and enter a destination IP address.
       
3. Hostname
   1. Click the Hostname tab to display the Hostname window.
      
      ​​​​
   2. If needed, click Source and enter a source hostname.
   3. If needed, click Destination and enter a destination hostname.
       
4. Application
   1. Click the Application tab to display the Application window.
      
      
   2. Click Add or Modify Applications. Check boxes to add applications to the match criteria.
   3. Click Add. This saves the changes to the window but not the Titan cloud. 
      
      
       

Edit or Delete Rule

To edit or delete a rule:

1. From the Steering > SDWAN Steering screen, click Real Time, Business Critical, Default, or Low Priority.
2. Click a rule name to edit a rule. Click the X to delete a rule.
3. Click Save to save the changes to the Titan cloud.

Create a Steering Profile

The actions available on the Real Time screen are identical to the Business Critical, Default, and Low Priority screens. The examples below show the Real Time screen.

To create a new profile:

1. From the Steering > SDWAN Steering screen, click Real Time to display the Real Time screen.
   
   
2. Click +Profile to display the STEERING > SDWAN Steering > Real Time > Profiles > Add screen.
   
   
    
3. Enter information for the following fields.
    

   Field	Description
   Profile Name	Enter name you are assigning to the profile.
   Select Circuit	Select WAN interface.
   Next Hop	Select the next hop: Optimization—Enables all application traffic to select the best path. Enable—Set to enable if the profile is mapped to SD-WAN policy with at least one application in the match criteria. Disable—Set to disable if the SD-WAN policy does not have any applications in the match criteria. Select Gateway—Select one or more next hops from Versa-hosted SASE gateways. Select Devices List—Select one or more next hops from SD-WAN sites in the network. Select Circuits—Select one or more WAN links on the device.
   Circuit Selection Criteria	Click the circuit selection criteria, then specify: Latency—Click Low, or click Ms to specify the amount of latency in milliseconds. Packet Loss—Click Low, or click Percentage to specify the amount of packet loss by percentage. Delay Variation—Click Low, or click Percentage to specify the amount of packet loss by percentage.
   Loss Recovery	Choose the loss recovery method: Forward Error Correction (FEC) Packet Replication
   Load Balance	Choose the load balancing mechanism: Per Flow Per Packet

   
    
4. Click Add. The profile is saved to the screen but not the Titan cloud.
5. Click Save to save the profile to the Titan cloud.

Create a Steering Profile for SASE Gateway

To create a new profile for SASE gateway:

1. From the Steering > SDWAN Steering screen, click Real Time to display the Real Time screen.
   
   
2. Click +Profile to display the Steering > SDWAN Steering > Real Time > Profiles > Add screen.
   
   
3. Enter information for the following fields.
    

   Field	Description
   Profile Name	Enter a name for the profile.
   Select Circuit	Select WAN interface is not supported for SASE gateway.
   Circuit Selection Criteria	Click the circuit selection criteria, then specify: Latency—Click Low, or click ms to specify the latency in milliseconds. Packet Loss—Click Low, or click Percentage to specify the percentage of packet loss. Delay Variation—Click Low, or click Percentage to specify the percentage of delay variation.
   Loss Recovery	Choose the loss recovery method: Forward Error Correction (FEC) Packet Replication
   Load Balance	Choose the load balancing mechanism: Per Flow Per Packet

4. Click Add. The profile is saved to the screen but not to the Titan cloud.
5. Click Save to save the profile to the Titan cloud.

Monitor Device Information

You use the Device screen to check the device CPU, disk, and memory status, SD-WAN connectivity, and bandwidth usage. To view the most current status, click Refresh.

To monitor device status:

1. Click the Monitor icon in the left menu bar to open the Monitor dashboard.
2. Hover over the site in the honeycomb to open the option card for the device.
3. Click Monitor Dashboard in the Actions column of the device-options card to open the Monitor screen.
4. Click Device to open the Device Information screen. Statistics automatically load showing overall device availability and CPU, disk, and memory use by percentage.
   
   

5. Click CPU to view CPU usage in graph form in a new window.

• Click the menu bar at the bottom of the screen to select a specific time frame to capture CPU usage. Click OK to save the settings.
• Click the Refresh icon to update the screen.

6. Click the Disk to view disk load usage in percentage form in a new window.

• Click the menu bar at the bottom of the screen to select a specific time frame to capture disk load. Click OK to save the settings.
• Click the Refresh icon to update the screen.

7. Click Memory to view memory load in percentage form in a new window:

• Click the menu bar at the bottom of the screen to select a specific time frame to capture memory load. Click OK to save the settings.
• Click the Refresh icon to update the screen.

Monitor SD-WAN Connectivity

To monitor SD-WAN connectivity:

1. Click the Monitor icon in the left menu bar to open the Monitor dashboard.
2. Hover over the site in the honeycomb that you would like to monitor to open the option card for the device.
3. Click Monitor Dashboard in the Actions column of the device-options card to open the Monitor screen.
4. Click Device > SD-WAN Connectivity to view device connectivity status in a new window:

• Search for a device by name.
• Click the Refresh icon to update the screen.

Monitor Bandwidth Usage

To monitor device bandwidth:

1. Click the Monitor icon in the left menu bar to open the Monitor dashboard.
2. Hover over the site in the honeycomb that you would like to monitor to open the option card for the device.
3. Click Monitor Dashboard in the Actions column of the device-options card to open the Monitor screen.
4. Click Device > Bandwidth Usage to view device bandwidth status in a new window:

• Search for a device by name.
• Click the menu bar at the bottom of the screen to select a specific time frame to capture SD-WAN connectivity. Click OK to save the settings.
• Click the Refresh icon to update the screen.​

View Sites by Usage

View top site usage over time. Sort information using the drop-down menus provided at the top of the screen. View, sort, and filter analytics information using the tools provided in the upper right corner of the section. View sites in list form in the Sites section. Copy, download, or print the list using the tools provided in the upper right corner of the section.

View Sites by Availability

View top site availability over time. The Availability screen shows Down and Up status. Sort information using the drop-down menus provided at the top of the screen. Print analytics information using the tools provided in the upper right corner of the screen.

View Sites by Connection

View the top 50 site-to-site connections. The Connections screen shows analytics in a pie chart. Sort information using the drop-down menus provided at the top of the screen.

View Sites by Heat Map

View how much attention a site is getting by color code. Hover over the sections in the heat map to view site name, availability, and number of sessions. Print analytics information using the tools provided in the upper right corner of the screen.

View Sites and Circuits on the Site Map

To view the SD-WAN site map: 

1. Click the Analytics icon in the left menu bar to open the Analytics screen. The SD-WAN Dashboard screen opens by default.
2. In the left menu bar, under Dashboards > SD-WAN, click Sites Map to view statistics information in the map. Click the Filter icon in the upper right corner to choose what the map displays:

• Clustered View
• Show Access Circuits
   

View Site Paths

To view site path analytics: 

1. Click the Analytics icon in the left menu bar to open the Analytics screen. The SD-WAN Dashboard screen opens by default.
2. In the left menu bar, under Dashboards > SD-WAN, click Paths to view statistics information in a new screen.

• Usage
• SLA Metrics
• Rules
• MOS

View Security Applications

Application security describes security measures at the application level that aim to prevent data or code within the app from being stolen or hijacked.

To view security applications: 

1. Click the Analytics icon in the left menu bar to open the Analytics screen. The SD-WAN Dashboard screen opens by default.
2. In the left menu bar, under Dashboards > Security, click Applications to view statistics information. 
   
   
    

Sort information using the drop-down menus provided at the top of the screen. View, sort, and filter analytics information using the tools provided in the upper right corner of the section. Copy, download, or print the list using the tools provided in the upper right corner of the section.

View the following statistics on the Applications screen:

• Applications
• Risk
• Productivity
• Families
• Subfamilies

View Web Security

Web security analytics show how the URL categories and URL reputation settings are performing.

To view security analytics for current Internet settings: 

1. Click the Analytics icon in the left menu bar to open the Analytics screen. The SD-WAN Dashboard screen opens by default.
2. In the left menu bar, under Dashboards > Security, click Web to view statistics information. 

The following analytics information is displayed on the dashboard:

• URL Categories
• URL Reputation

View Firewall Analytics

Firewall analytics show how current security rules and IP settings are performing.

To view security analytics for current rules and IP settings: 

1. Click the Analytics icon in the left menu bar to open the Analytics screen. The SD-WAN Dashboard screen opens by default.
2. In the left menu bar, under Dashboards > Security, click Firewall to view statistics information. 

The following tabs are available on the dashboard:

• Rules
• Source
• Destination
• Zones
• Forwarding Class

View Threat Analytics

Threat analytics show how current URL, IP, and malware settings are performing and summarize system vulnerabilities.

To view threat analytics: 

1. Click the Analytics icon in the left menu bar to open the Analytics screen. The SD-WAN Dashboard screen opens by default.
2. In the left menu bar, under Dashboards > Security, click Threats to view statistics information. 

The following tabs are available on the dashboard:

• Web
• IP
• Malware
• Vulnerabilities
• DDOS
• Summary

View System Interfaces

Use the Analytics > System > Interfaces dashboard to monitor WAN interfaces.

To view device interfaces: 

1. Click the Analytics icon in the left menu bar to open the Analytics screen. The SD-WAN Dashboard screen opens by default.
2. In the left menu bar, under Dashboards, click System to view the System dashboard. 
3. Click Interfaces to view the following interfaces:

• WAN Interfaces
• LTE Interfaces

View Guest VNF Information

Use the Analytics > System > Guest VNF dashboard to monitor Guest VNF.

To view Guest VNF information: 

1. Click the Analytics icon in the left menu bar to open the Analytics screen. The SD-WAN Dashboard screen opens by default.
2. In the left menu bar, under Dashboards, click System to view the System dashboard. 
3. Click Guest VNF to view the following:

• Guest VNF Health Monitoring
• Guest VNF Interface Statistics
• Guest VNF Events Logs

Hover over the windows in the dashboard to view Guest VNF information. Sort information using the drop-down menus provided at the top of the screen. View, sort, and filter analytics information using the tools provided in the upper right corner of the section. Copy, download, or print the list using the tools provided in the upper right corner of the section.

View Service Node Group Information

Use the Analytics > System > SNG dashboard to monitor service node groups (SNGs).

To view SNG information: 

1. Click the Analytics icon in the left menu bar to open the Analytics screen. The SD-WAN Dashboard screen opens by default.
2. In the left menu bar, under Dashboards, click System to view the System dashboard. 
3. Click SNG to view SNG statistics.
   
   

Monitor Tenant Health

1. Click the Live Monitoring icon in the left menu bar to open the Live Monitoring dashboard.
2. Click the Summary tab.
3. In the Tenant Health window, click a category to open status details in a new window. Click Back to return to the Category window.

You can choose from the following tenant health categories:

• Configuration Sync Status
• Reachability Status
• Service Status
• Interfaces
• BGP Adjacencies
• IKE Status
• Paths

The following example shows the Tenant Health > Config Sync Status window.

The following example shows the Tenant Heath > Reachability Status window.

The following example shows the Tenant Health > Service Status window.

The following example shows the Tenant Health > Interfaces window.

The following example shows the Tenant Health > BGP Adjacencies window.

Click an entry in the BGP Adjacencies window to open the Details window for the entry. The Details window lists the tenant connection state and length of time the device has been connected, and local IP address information.

The following example shows the Tenant Health > IKE Status window.

The following example shows the Tenant Health > Paths window.

Click an entry in the Paths window to open the Details window for the entry. The Details window lists tenant class, local and remote WAN link information, connection state, and the last time the interface went down and came back up again.

Monitor Recent Events

1. Click the Live Monitoring icon in the left menu bar to open the Live Monitoring dashboard.
2. Click the Summary tab.
3. In the Recent Events window, click the toggle to check alarm events every 5 minutes. Then click Details to view alarms on the system in a new window. 
   
   

View System Summary Information

1. Click the Live Monitoring icon in the left menu bar to open the Live Monitoring dashboard.
2. Click the Summary tab.
3. In the System Summary window, click an option to open system status details in a new window.

You can choose from the following system options:

• Hardware Information
• Software Version
• Hardware Model

The following example shows the System Summary > Hardware Information window.

The following example shows the System Summary > Software Version window.

The following example shows the System Summary > Hardware Model window.

Monitor Application Activity

1. Click the Live Monitoring icon in the left menu bar to open the Live Monitoring dashboard.
2. Click the Summary tab.
3. In the Application Activity window, view top application details in graph form. Click the  Gear icon to display details for the following options:

• Sessions
• Transactions
• Total Bytes Forward
• Total Bytes Reverse

Click the  Menu icon to choose print options. 

Monitor Services

1. Click the Live Monitoring icon in the left menu bar to open the Live Monitoring dashboard.
2. Click the Summary tab.
3. In the Services window, view the number of active network and firewall connections.
   
   

Monitor Device Summary

To view device details for all appliances:

1. Click the Live Monitoring icon in the left menu bar to open the Live Monitoring dashboard.
2. Click the Devices tab.
3. Click a device in the Name column to open device monitoring options. The Summary tab displays by default.
   
   
    
4. Choose an interface from the Interface column and click the Eye  icon to view configuration information for that interface in a new window.
   
   
    

   Field	Description
   Interface	Name of the interface.
   Network Name	Name of the network.
   Service Provider	Name of the service provider.
   Status	Status can be Up or Down for: Operational Admin
   Live Data	Select the check box to enable the radio buttons below the table, then select either: All Traffic SD-WAN Traffic
   Bandwidth (Mbps)	Describes the configured and measured bandwidth for the interface, as well as availability of the LAN or WAN interface.

5. Click Measure to select specific measurement details. Select settings from the following drop down menus:

• Remote Destination (required to activate the remaining options)
• Remote Circuit Name
• Remote Circuit Media
• Remote Circuit Type
  ​​​​

6. Click Request to send the measurement request. 

Monitor Device Services

The Device tab displays device services and networking information.

1. Click the Live Monitoring icon in the left menu bar to open the Live Monitoring dashboard.
2. Click the Devices tab.
3. Click a device in the Name column to open device monitoring options.
4. Click the Services tab to manage services and networking settings. Manage system settings from the following columns:

• Services
• Networking
  ​​​​​​

Monitor Networking Services

The Device > Services > Networking screen allows you to monitor the following:

• Interfaces
• Routes
• BGP
• OSPF
• OSPFv3
• BFD
• DHCP
• COS
• VRRP
• LEF
• ARP
• IP-SLA

Monitor Device System Settings

To monitor device's system setting: 

1. Click the Live Monitoring icon in the left menu bar to open the Live Monitoring dashboard.
2. Click the Devices tab.
3. Click a device in the Name column to open device monitoring options.
4. Click the System tab to view the information below.
   
   
    

The Device > System screen displays the following information:

• CPE Resources (Move the toggle to the right to refresh the data every 10 seconds.)
• System Summary
• Device Summary
• System Overall Status
• Associate Templates
• NTP Client Statistics
• License

Use Device Tools

The Device > Tools screen contains the following testing tools:

• Ping the router
• Perform a traceroute test
• Perform tcpdump 
• Perform a speed test

Monitor Devices From a Shell

To use shell options:

1. Click the Live Monitoring icon in the left menu bar to open the Live Monitoring dashboard.
2. Click the Devices tab.
3. Click a device in the Name column to open device monitoring options.
4. Click Shell. Note that you must disable pop-up blocking to enable multiple CLI screens.

Monitor Configuration Status From a Shell

To monitor configuration status:

1. Click the Live Monitoring icon in the left menu bar to open the Live Monitoring dashboard.
2. Click the Devices tab.
3. Click a device in the Name column to open device monitoring options.
4. Click Config Status to open a CLI session for the following: 

• Sync To
• Sync From
• Compare

Upgrade Software

To upgrade software:

1. Click the Live Monitoring icon in the left menu bar to open the Live Monitoring dashboard.
2. Click the Devices tab.
3. Click a device in the Name column to open device monitoring options.
4. Click Upgrade to open the Upgrade Appliance pop-up window.
   
   
5. Select a software package.
6. (Optional) Click the Upload Only box.
7. Click OK.

Add a User

An enterprise administrator can add a new account and assign user roles and privileges. You cannot assign more privileges than the account you are using. Users can use their account to login to both Titan Portal and Titan Mobile.

To add a new user:

1. Click the Users icon in the left menu bar to display the Users dashboard.
2. Click Users drop-down list and select Titan User.
3. Click the + Add User icon at the top right to display the Add User window.
   
   
    
4. Enter information for the following fields.
    

   Field	Description
   First Name	Enter first name.
   Last Name	Enter last name.
   Email Address	Enter user email address. This automatically becomes the login name for the account. You can change the email address after creating the account but not the login name.
   Phone Number	Enter phone number. Used for push notifications in Titan Mobile.
   Two Factor Authentication	Slide the toggle to enable or disable two factor authentication.
   Role & Privileges	Click Enterprise Admin or Enterprise User to assign a role to the account.
   Enterprise Admin	Enterprise Admin roles have the following privileges: Read and write access to WAN, LTE, LAN, Security, and Steering settings. Read access to Director, Analytics & Live Monitoring, and Titan shop. By default, enterprise administrators have the following privileges: Read access to monitor, troubleshoot, inventory, and users menu items.  Write access to WiFi radio settings and read-only access to all other configuration settings. Can create a new site. Can create new user accounts but cannot assign more privileges to an account than they have themselves.
   Enterprise User	Enterprise User roles have the following privileges: Read and write access to WAN, LTE, LAN, Security, Steering, Secure Access, IPsec Backhaul, and Routing settings. Read access to Director and Analytics & Live Monitoring. By default, enterprise users have the following privileges: Read access to monitor and troubleshoot menu items. Write access to WiFi radio settings and read-only access to all other configuration settings.

   
    
5. Click Create to add the new user. Titan Portal automatically sends an email to the user with instructions on creating an account password and downloading Titan Mobile. Users can login to both Titan Portal and Titan Mobile using the account.

Add a Titan Secure VPN Service User

An enterprise administrator can add a new account for Titan secure VPN service user.

To add a new Titan secure VPN service user:

1. Click the Users icon in the left menu bar to display the Users dashboard.
2. Click Users drop-down list in the main pane and select Titan Secure VPN Service User.
   
   
    

   Field	Description
   Users	Select a user from the Users drop-down list: Titan User Titan Secure VPN Service User
   Licenses	Displays the license information: Total Used
   Import Users	Click  icon to import users from an Excel template.   Click Browse file icon and select the Excel template. Click Upload.
   Name	User's first and last name.
   Email	User email address. Initially matches username but can be edited.
   Phone	User phone number.
   Action	Click the 3-dot icon to choose an action: Edit a user Delete a user

   
    
3. Click the  icon at the top right to display the Add User window.
   
   
    
4. Enter information for the following fields.
    

   Field	Description
   First Name	Enter first name.
   Last Name	Enter last name.
   Email Address	Enter user email address. This automatically becomes the login name for the account. You can change the email address after creating the account but not the login name.
   Phone	Enter phone number. Used for push notifications in Titan Mobile.

5. Click Create.

Edit a User 

The enterprise admin can edit user information and change roles and privileges assigned to a user.

To edit a user:

1. Click the Users icon in the left menu bar to display the Users dashboard.
2. Hover over the 3-dot menu in the user Actions column and click Edit to display the Edit User window. 
   
   
3. Edit the information as needed in the fields provided. 
4. Click Enterprise User or Enterprise Admin to change roles.
5. Check or uncheck boxes to change Privileges.
6. Click Update to save the settings.

Delete a User

The enterprise admin can delete users from the Titan Users dashboard. Deleting an account with an active login automatically logs out the user. 

To delete a user:

1. Click the Users icon in the left navigation menu bar to display the Users dashboard.
2. Hover over the 3-dot menu in the user Actions column and click Delete.
3. Click Yes in the pop-up window to delete the user, or click No to return to the Users dashboard without deleting the user.

Physically Reset a Device

When you physically reset device, you switch the router power to off for approximately 30 seconds, and then turn router power on. Note that by resetting the device, all connected devices are temporarily disconnected.

Click Manually Reset Device to access the Manual Reset screen and follow directions on the screen to physically reset the router.

Restore Default Device Settings

If you cannot connect to WiFi from the Wireless Networks screen, you can reset the device to default settings. When you reset a device, all clients connected to the WiFi and intranet lose connectivity while the router reboots. It can take up to 3 minutes for the connection to resume. When reboot is complete, wait another 3 to 5 minutes for the router to become active.

To reset the device:

1. Click the Troubleshoot icon in the left menu bar to open the troubleshooting dashboard.
2. Hover over the site in the honeycomb that you would like to troubleshoot to open the option card for the device.
3. Click Troubleshoot in the Actions column of the device-options card to open the Troubleshoot screen.
4. Select Cannot connect to Wi-Fi  to open the Troubleshoot screen to reset the device.
   
   
5. Click Reset to open the Reset screen.
   
   
6. Click Continue to initiate device reset. Wait for the device to reboot and reconnect to WiFi.

View Internet Backup Signal Strength

If LTE backup is available, signal strength is displayed on the Speed Test screen. Signal strength above >65 is considered strong; a signal below this value is considered weak.

Note that you cannot run a speed test on LTE backup.

To check LTE Internet backup signal strength on the Titan portal:

1. Click the Troubleshoot icon in the left menu bar to open the troubleshooting dashboard.
2. Hover over the site in the honeycomb that you would like to troubleshoot to open the option card for the device.
3. Click Troubleshoot in the Actions column of the device-options card to open the Troubleshoot screen.
4. Select Slow Internet connection to open the Troubleshoot screen to check slow Internet connection.

Tap Reload to refresh any device connected with LTE internet backup to troubleshoot connectivity. Wait one minute, then tap Start Speed Test again to check for updated status. 

Slow Internet Connection

If you are experiencing slow internet connection, you can check that the network is up and that LTE Internet backup is not slowing the connection.

To check the connection:

1. Click the Troubleshoot icon in the left menu bar to open the troubleshooting dashboard.
2. Hover over the site in the honeycomb that you would like to troubleshoot to open the option card for the device.
3. Click Troubleshoot in the Actions column of the device-options card to open the Troubleshoot screen.
4. Select Slow Internet connection to open the Troubleshoot screen to check slow Internet connection.
   
   
5. Click Network to check settings on the Network screen.
   
   
6. Click Routes to check the status of the router routing table. Use the Search feature to find a route.
   
   
7. Click Ping to check that the router is available and connected. 
8. Enter a valid host name and IP address in the fields provided.
9. Click Start.
   
   
10. Click Traceroute to measure packet transit delays across the network.
11. Enter a valid host name and IP address in the field provided.
12. Click Start.
    
    

Checking Blacklisted Sites

1. Click Check Blacklisted Sites to add websites that you would like to block on the network. To block multiple websites, separate each URL with a comma.
   
   
2. Click Publish to save the settings to the router.

Add Sites to the Whitelist

1. Click Add Sites to Whitelist to add websites to always allow on the network, even if they are blocked by other settings. To add multiple websites, separate each URL with a comma. 
   
   
2. Click Publish to save the settings to the router.

Configure IP Address Reputation

1. Click IP Reputation to open the Reputation Level screen.
2. Select device IP reputation level settings. Click the down arrow in the left column to display a description of each category.:

• High Risk IP Addresses
• Suspicious IP Addresses
• Moderate Risk
• Low Risk
• Trustworthy

3. Click one of the 3 icons in the right column for each category to select a reputation level for that category:

• Blocked (red)
• Ask (amber)
• Allowed (blue)

4. Click Publish to save the settings to the router.

Configuring the URL Category

1. Click URL Category to open the URL category screen.
2. Click one of the boxes next to each name to adjust the URL filtering category. Click Information for a description of each category:

• Blocked
• Alert & Confirm

​

2. Click Publish to save the settings to the router.