Mobility Optimized Access Layer

Similar documents
Aerohive Private PSK. solution brief

JUNIPER NETWORKS AND AEROHIVE NETWORKS: CLOUD- ENABLED SOLUTIONS FOR THE ENTERPRISE

Juniper Networks and Aerohive Networks: Cloud-Enabled Solutions for the Enterprise

Aerohive and IntelliGO End-to-End Security for devices on your network

HiveManager Local Cloud

DATA SHEET. Cloud-Managed Mid-Enterprise SD-WAN Router with Gigabit PoE+ Ethernet

The Economic Benefits of a Cooperative Control Wireless LAN Architecture

The Aruba S3500 Mobility Access Switch

Simplifying the Branch Network

Meraki MS Series Switches

NETWORKING &SECURITY SOLUTIONSPORTFOLIO

Juniper Sky Enterprise

JURUMANI MERAKI CLOUD MANAGED SECURITY & SD-WAN

Delivering the Wireless Software-Defined Branch

White Paper. BYOD and Beyond: How To Turn BYOD into Productivity

Our Virtual Intelligent Network Overlay (VINO) solutions bring next-generation performance and efficiency to business networks throughout North

Meraki MS Series Switches

Aerohive Cloud-based Wi-Fi Overview

Exam Code: Exam Code: Exam Name: Advanced Borderless Network Architecture Systems Engineer test.

FIPS Validated i WLAN

SOLUTION OVERVIEW THE ARUBA MOBILE FIRST ARCHITECTURE

HiveManager Public Cloud

MS120 Switches. Cloud-managed access switches with 1G SFP uplinks, designed for branch deployments. Datasheet MS120 Switches

THE NETWORK. INTUITIVE. Powered by intent, informed by context. Rajinder Singh Product Sales Specialist - ASEAN August 2017

Alcatel-Lucent OmniVista 2500 Network Management System

Cisco Meraki Wireless Solution Comparison

The Aruba Mobile Virtual Enterprise for Government. The Next Generation Network Access Architecture for Mobile Technology

Features. HDX WAN optimization. QoS

Meraki MX Family Cloud Managed Security Appliances

WHITE PAPER ARUBA SD-BRANCH OVERVIEW

MS Cloud Managed Gigabit Switch Series

Vendor: Cisco. Exam Code: Exam Name: Cisco Sales Expert. Version: Demo

INNOVATIVE SD-WAN TECHNOLOGY

Optimizing Pulse Secure Access Suite with Pulse Secure Virtual Application Delivery Controller solution

Extending Enterprise Security to Public and Hybrid Clouds

Meraki MX Family Cloud Managed Security Appliances

Meraki Z-Series Cloud Managed Teleworker Gateway

The Economics of Cooperative Control Protocols are Free

Connectivity to Cloud-First Applications

MS Cloud Managed Gigabit Switch Series

SteelConnect. The Future of Networking is here. It s Application-Defined for the Cloud Era. SD-WAN Cloud Networks Branch LAN/WLAN

Not all SD-WANs are Created Equal: Performance Matters

White Paper. OCP Enabled Switching. SDN Solutions Guide

The Cisco BYOD Smart Solution

A connected workforce is a more productive workforce

Ciprian Stroe Senior Presales Consultant, CCIE# Cisco and/or its affiliates. All rights reserved.

MS210 SERIES. Stackable access switches with 1G SFP uplinks, designed for the branch and campus. Datasheet MS210 Series Switches

Guide to SDN, SD-WAN, NFV, and VNF

Benefits of SD-WAN to the Distributed Enterprise

Juniper Networks M-series and J-series Routers. M10i. Solution Brochure J4350. Internet. Regional Office/ Medium Central Site. Branch Office J2320

SOLUTION BROCHURE. Mobility Changes Everything

DATA SHEET HIGHTLIGHTS Deploying a Single System to Manage All Devices and Services Implementing Service Assurance

MS120-8 Compact Switch

Vortex Whitepaper. Simplifying Real-time Information Integration in Industrial Internet of Things (IIoT) Control Systems

COMPLETE YOUR GO-TO-MARKET PLAN BUSINESS SOLUTIONS BARRY DERRICK PRODUCT MARKETING MANAGER

Cisco Universal Wi-Fi Solution 7.0

Secure Mobility Challenges. Fat APs, Decentralized Risk. Physical Access. Business Requirements

The Neutron Series Distributed Network Management Solution

Meraki MS22 / MS42 Cloud Managed Gigabit PoE Switch Family

Enterprise Redefined, Mobility Your Way

Meraki 2018 Solution Brochure

Cloud Managed IT for Modern Organizations

Deploying Cisco SD-WAN on AWS

White. Paper. The Application Deluge and Visibility Imperative. How to Ensure Network Performance for Your Business-critical Applications.

Deployments and Network Topologies

Alcatel-Lucent OmniVista Cirrus Simple, secure cloud-based network management as a service

MS225 SERIES. Stackable access switches with 10G SFP+ uplinks, designed for the branch and campus. Datasheet MS225 Series Switches

SOLUTION BRIEF Enterprise WAN Agility, Simplicity and Performance with Software-Defined WAN

MS225 SERIES. Stackable access switches with 10G SFP+ uplinks, designed for the branch and campus. Datasheet MS225 Series Switches

MR Cloud Managed Wireless Access Points

WLAN solutions to manage BYOD

Ethernet Wide Area Networking, Routers or Switches and Making the Right Choice

Hillstone T-Series Intelligent Next-Generation Firewall Whitepaper: Enhanced Intelligent QoS

Cisco ISR G2 Management Overview

AEROHIVE CONNECT VS. SELECT

DATA SHEET. Enterprise-grade 4x4, 4-stream, ax Access Point with Integrated Antennas

ShoreTel Network Services Portfolio

Meraki Solution Brochure

The Context Aware Network A Holistic Approach to BYOD

Versa Software-Defined Solutions for Service Providers

Network Automation and Branch Agility The Network Helps Enable Digital Business. Rajinder Singh Product Sales Specialist June 2016

Unified Communications VoIP Routing/Switching Security 3G Wi-Fi. NetVanta Business Networking Solutions

Service Automation Made Easy

SD-WAN Transform Your Agency

Hybrid WAN Operations: Extend Network Monitoring Across SD-WAN and Legacy WAN Infrastructure

MS Cloud Managed Switches

Your wireless network

Alcatel-Lucent OmniVista Cirrus Simple, secure cloud-based network management as a service

Why consider Cisco Meraki

SECURING AWS ACCESS WITH MODERN IDENTITY SOLUTIONS

RingCentral White Paper UCaaS Connectivity Options in the New Age. White Paper. UCaaS Connectivity Options in the New Age: Best Practices

ExtremeWireless WiNG NX 9500

Juniper Networks M Series and J Series Routers

SIMPLIFYING COMMUNICATIONS FOR THE WAY PEOPLE WORK TODAY

Securing the Empowered Branch with Cisco Network Admission Control. September 2007

DATA SHEET. Enterprise-Grade 4x4, 4-stream, ax Access Point with Integrated Antennas

ARUBA, A HEWLETT PACKARD ENTERPRISE COMPANY, IS REDEFINING THE INTELLIGENT EDGE WITH MOBILITY AND IOT SOLUTIONS FOR ORGANIZATIONS

DATA SHEET. Performance-Optimized ac Dual-Radio 3x3:3 Access Point

Wireless LAN Solutions

Prepare Your Network for BYOD. Meraki Webinar Series

Transcription:

solution brief Mobility Optimized Access Layer Completing the Hive with Aerohive Switches

Designing for Mobile First Legacy enterprise networks were never designed to accommodate the complexity of a mobile-first enterprise one where the focus is on the user and the device and the primary access medium is wireless. In a traditional enterprise network design, the network policy, including access, priority, and security requirements, is applied based on a physical port, a VLAN, or even an SSID. In these network-centric environments, network elements could be managed as individual devices by disparate management systems because they were comparatively simple and end users were static. Trying to accommodate the modern-first reality where wireless is the primary access layer and where users are doing mission-critical work from virtually any location with these legacy systems is cumbersome. This typically leads to adding wireless functionality as an overlay to the legacy infrastructure and managing it as a separate solution. The modern mobile-first network requires a mobility-optimized approach that is not dependent on network access and is more user-centric. Context elements, such as user identity, device type, application, location, and time of day are the primary building blocks used to create granular policies that dictate how, when, and what the user can access. Even more importantly, supporting mobility means ensuring the user experience is optimized based on that context. Trying to deliver the required levels of manageability and control associated with enterprise mobility using legacy suboptimized systems is virtually impossible and significantly increases the operational burden on IT departments. In comparison, designing for a mobile-first enterprise leads to a mobility-optimized approach that focuses on tightly integrated systems that reduce the complexities of a highly mobile user base. In response to this growing need, Aerohive is expanding its cloud-networking portfolio to include enterprise-class access switches that will greatly simplify network management and provisioning. When combined with Aerohive s access points and branch routers, this approach not only allows the access layer to be managed as a single unified entity, but it also allows management information to be presented by context user identity, device type, application, location, and time. While adding the user-centric intelligence of Aerohive Wi-Fi to enhance a legacy enterprise network is an excellent first step and is valuable in its own right, complementing the Wi-Fi with Aerohive access switches and/or branch routers creates a mobility optimized access layer and substantially improves the visibility and control that IT has over the access layer and reduces the operational cost associated with a modern mobile-first enterprise. 2 Copyright 2013, Aerohive Networks, Inc.

Enter the Aerohive SR series of enterprise access switches Aerohive Networks SR platforms combine enterprise-class access switching with cloudenabled management, on-demand provisioning, and secure branch routing to provide an advanced networking feature set to the edge of your network. Built on the deep, feature-rich HiveOS operating system, the SR platforms offer state-of-the-art gigabit switching with advanced features like user-based QoS and 802.1X multiple authentication for voice and data coexistence, along with traditional switch features such as LLDP, Spanning Tree, and IGMP snooping. In addition, the SRs accelerate branch consolidation efforts by integrating secure branch routing, 3G/4G connectivity, and advanced switching to provide an all-in-one solution for branch offices. Combining these capabilities with cloud-based services such as hands-free configuration and updates and unified wired and wireless policies allows the SRs to join the rest of the Aerohive Cooperative Control devices to provide a seamless, mobileoptimized experience for all connected users. Secure Switching with On-Demand Provisioning The SR series are gigabit switches with high-power PoE for security cameras or high-powered versions of new 802.11ac APs, and support the advanced capabilities of HiveOS, including RADIUS, 802.1X security, and cloud-based management. By integrating with the Aerohive Cloud Services Platform, the SR series can be brought online by simply shipping the equipment to the install site and plugging it in. The SR will automatically find the HiveManager, either in Aerohive s public cloud or on a customer premises, download complete configuration, security, and corporate policies, and instantly provide service for connected devices. Cloud-Enabled Stacking - The SR switches support Aerohive Cooperative Control protocols, allowing them to interoperate with other HiveOS devices and securely share policy information. By using the unified policy configured in HiveManager, it is possible to combine multiple Aerohive SR switches together to provide a seamless experience for connected clients, even if the devices aren t in the same physical location. Devices can be put into groups and managed and monitored as a single group. Cloud enabled stacking doesn t require additional configuration or ports, proprietary cables or protocols, or concern for geography. Multi-Level Authentication In keeping with the focus on unified security across the access layer, the Aerohive switches also support multi-level authentication, which allows an administrator to specify multiple types of authentication per port, such as MAC authentication and 802.1X, and the order in which they will be processed. This provides flexibility to use the port for multiple purposes while still ensuring the access ports are secured. Copyright 2013, Aerohive Networks, Inc. 3

Branch Consolidation SRs combine a power branch router, stateful firewall, and enterprise-class switch offering full-line rate switching along with IPSec VPN, 802.1X, Policy-Based Routing, Cloud Proxy, and 3G/4G WAN diversity. The SR Series offers administrators the flexibility and ease-ofuse required to drastically reduce the time-to-operation and expenses associated with managing large-scale branch deployments. Being part of the Hive The SR family leverages Aerohive HiveOS Cooperative Control to provide robust switching functionality that is in harmony with the Wi-Fi infrastructure, including unified policy, management, and reporting. Since the SR series joins the Hive created by Aerohive devices sharing information using the cooperative control protocols, these switches learn context from the APs or branch routers, including user identity and device type. This information can be used in policy enforcement decisions in the switch, such as routing, firewall, or Quality of Service (QoS). 4 Copyright 2013, Aerohive Networks, Inc.

The SR can also route, filter, or prioritize traffic based on an assigned user profile. For example, during a WAN outage when WAN traffic is rerouted to a 4G connection, all BYOD users or guests could be excluded from routing out the expensive mobile connection. Another example could include a firewall policy that allows contractors to access to certain resources but not others based on their identity. This approach also means that network policies can be used on both wired and wireless devices and the configuration of these policies can be done centrally from a single management console. Aerohive HiveManager provides a single workflow to configure all HiveOS devices, starting from the SSID where an administrator can define the network, authentication, user profiles, and security policies assigned to wireless users based on their identity and device. The administrator can then move on to configuring wired access ports using the same user profile and security policy elements assigned to the SSID(s). The port configurations are extremely flexible, and allow for standardizing switching configurations across an entire organization. Continuing through the workflow, administrators can move on to services such as IPSec VPN, Identity-based routing, and Bonjour Gateway that again can reuse the policy elements configured above. Not only does this take the guesswork out of configuring consistent policies and services on separate network devices, but it also means that network configuration is easily replicable on hundreds or thousands of devices. Unified Policy and Workflow Step 1: Wireless Access Configuration Copyright 2013, Aerohive Networks, Inc. 5

Step 2: Wired Access Configuration Step 3: Services Configuration 6 Copyright 2013, Aerohive Networks, Inc.

Once the policy is complete and the devices have all retrieved the information from HiveManager, the administrator can use the customizable dashboard to monitor and manage the network. Administrators can use the available perspectives to detail usage trends or troubleshoot the network, or create their own perspectives to plan capacity or review analytics that detail client device types, top users and clients by data usage, and even application statistics. All of the information is available real-time as well as in historical reports that can be rolled up and distributed to provide trend information across the entire deployment. Optimizing for Mobility Designing a solution truly focused on user mobility and enabling productivity from anywhere is something many organizations strive for in this mobile-first age. Once you have all the elements in place, ensuring optimized user experience based on what is business-critical to a particular user based on their identity and device type is the next major hurdle. With the addition of application visibility and control to HiveManager and HiveOS, administrators can see what applications are in use by each mobile user, and prioritize application and network access based on user context such as identity, device type, location and time. This user-centric policy configuration is unique to Aerohive, built upon the power of cooperative control and the HiveOS operating system which was designed from the ground up to provide flexible and optimized user experience. Copyright 2013, Aerohive Networks, Inc. 7

Administrators can use the powerful HiveManager dashboard to match applications with individual users, or user groups (Guest, BYOD, Employee), and in just a few clicks modify their unified policies to block, limit or prioritize the applications. The robust traffic shaping capabilities on Aerohive access points includes almost 1000 Layer 7 applications, which allows an administrator to identify and prioritize the delivery and user experience for mission critical applications based on the type of user and device attempting to use the protocol. In addition, the stateful firewall capabilities built into access points supports the ability to block or permit access to applications based on user, device type, location and time. This enables administrators to enforce policy even on evasive applications such as BitTorrent and Facebook based on identity and device type. For example, an administrator could permit access to any application for a C-level executive, block YouTube for contractors, and limit YouTube for employees. All together, Aerohive provides comprehensive access solutions for the mobile-first enterprise. Built from the ground up for today s challenges, Aerohive sets new standards for how to address the global trends that are impacting every organization with a unique and powerful combination of distributed networking intelligence and an industry leading, cloud services infrastructure. This allows Aerohive to deliver secure, mobility-optimized access to every site with consistent, predictable service and maximum security. Enabling secure mobility regardless of the users location or device and optimizing the user experience with mobile applications allows the enterprise to enjoy greater productivity, improved employee morale, and better customer service, while at the same time reducing cost and complexity. Aerohive truly transitions work from a place you go to a thing you do. 8 Copyright 2013, Aerohive Networks, Inc.

About Aerohive People want to work anywhere; on any device, and IT needs to enable them -- without drowning in complexity or compromising on security, performance, reliability or cost. Aerohive's mission is to Simpli-Fi these enterprise access networks with a cloudenabled, self-organizing, service-aware, identity-based infrastructure that includes innovative Wi-Fi, VPN, branch routing and switching solutions. Aerohive was founded in 2006 and is headquartered in Sunnyvale, Calif. The company's investors include Kleiner Perkins Caufield & Byers, Lightspeed Venture Partners, Northern Light Venture Capital, New Enterprise Associates, Inc. (NEA) and Institutional Venture Partners (IVP). For more information, please visit www.aerohive.com, call us at 408-510-6100, follow us on Twitter @Aerohive, subscribe to our blog, join our community or become a fan on our Facebook page. Corporate Headquarters EMEA Headquarters Aerohive Networks, Inc. Aerohive Networks Europe LTD 330 Gibraltar Drive The Courtyard Sunnyvale, California 94089 USA 16-18 West Street Phone: 408.510.6100 Farnham Toll Free: 1.866.918.9918 Surrey, UK GU9 7HW Fax: 408.510.6199 +44 (0)1252 736590 info@aerohive.com Fax: +44 (0)1252711901 www.aerohive.com

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback