260 likes | 497 Views
Aerohive BYOD Overview. Redefining Enterprise Access. Introduction to Aerohive :. Visionary Network Infrastructure Company Redefining Enterprise Access Cloud-enabled, Controller-less Wi-Fi, Routing, VPN, Switching Growing 2-3x y/y 7000+ Customers 450+ Employees
E N D
Aerohive BYOD Overview Redefining Enterprise Access
Introduction to Aerohive: • Visionary Network Infrastructure Company • Redefining Enterprise Access • Cloud-enabled, Controller-less Wi-Fi, Routing, VPN, Switching • Growing 2-3x y/y • 7000+ Customers • 450+ Employees • Most Visionary Vendor - Gartner MQ for Wired & Wireless LAN 2012 Education Enterprise Healthcare Retail Logistics Cloud Services Platform Private (on-premise) Public Partner Branch & Teleworker Routers / Switches Enterprise Wi-Fi Gartner MQ
Enterprise Wi-Fi Networking Evolution 802.11b/a 802.11g 802.11ac 802.11n Autonomous APs • Limited Intelligence • No RF / Network Awareness • Hard to manage (Managed directly) 1999 2010 2003 2007 Made possible by Moore’s Law • Cooperative Control • Distributed Intelligence • Auto RF • Secure seamless roaming • Ease of management • Increased Reliability • Improved Performance • Reduced Cost • Cloud or Centralized management Scalability, Resilience • Centralized Control • Centralized Intelligence • Auto RF • Secure seamless roaming • Ease of management • Single points of Failure • BW Bottleneck • Increased Cost Security, Manageability & Mobility
Future-Proof Infrastructure CooperativeControl Architecture Protocols are: Granularly & Infinitely Scalable, Resilient, Intelligent, Self-healing, Plug-n-play, and Free. Yes, Free.
New Requirements of the Network Edge Users want to work anywhere, on any device You need to enable them, without drowning in complexity $ X Yesterday Today Aerohive Networks - Simpli-fiEnterprise Networking Cloud-enabled, self organizing, service aware, identity-based infrastructure Corp deployed enterprise devices WLAN overlay Network centric Monolithic Corp / BYOD enterprise / consumer devices Ubiquitous Wi-Fi Access User Centric Elastic
Device Evolution 802.11b/a 802.11ac 802.11g 802.11n 1999 2010 2003 2007 Made possible by Moore’s Law ComputePower
Huge Questions on Device Ownership and Management What is the difference between these iPads? Almost Everything • BYOD • Enable employees to bring their device of choice • Not owned or controlled by IT • Wide range of devices • Driven by employee satisfaction and shifting of CapEx spend • Consumerization of IT • Consumer devices qualified, bought and deployed by IT • Replace legacy devices • Lower HW costs • Flexible, powerful • Enable new working models Contain Network-based MDM Secure Apps Only (e.g. VDI, Citrix) Embrace MDM Agents on Devices More App Flexibility
Limited Access Zone: The Third “Network” Limited AccessZone Corporate Network Guest Network Managed Device Managed Device Managed Device Credentials Credentials Credentials
BYOD and Corp Deployed Devices MDM Enrollment Access defined by ID & Device User Profiles Corp www MDM Quarantine Enroll L2-7 Firewall OS Detection Bonjour Gateway CWP PPSK RADIUS Corp user Guest user Corp user - BYOD BYOD & MDM Bonjour GW
Network-based - Mobile Device Management Corp Personal Device Access (BYOD) et to work with only one device Corporate Deployed - Consumer Device Access (iPad) Self-registration with AD or Preconfigured 802.1X or Assigned unique Private-PSK Device can be determined by various means Policy applied based on role or identity limiting access and applying QoS VDI protocols can be prioritized SaaS Internet HR VDI email • User Agent • Safari • iOS4, • iPhone 4 Active Directory Access (SSID) Corp (SSID) Corporate access to email only and internet Corporate access to business APPs only Captive Web Portal Private PSK Or 802.1X Private PSK Personal iPhone Corp iPad (business APPs only)
Use of Discreet Components:Better Quality Signal, Less APs, Balanced Links Using discrete radio components • High-powered radios are discrete components, affording the opportunity to improve receive sensitivity by also using better receive components (e.g. Low-Noise Amp (LNA)) • Superior receive sensitivity can improve upstream performance, especially of low-power consumer devices, balancing the AP/client link Increase AP Density/Reduce Power Marginal Performance AP Rx AP Rx AP Tx AP Tx AP Rx AP Tx AP Rx AP Tx Increase AP Receive Sensitivity
Band Steering Directs Clients between 2.4GHz & 5GHz Radios (bi-directional) AP Detects Dual-Band Capable Clients AP Selectively Responds (based on configured policy) AP Responds Immediately to Single-Band Clients Three Band Steering Options: Balanced Ratio (recommended) Urge 5GHz Use Force 5GHz Use 5 GHz 2.4 GHz
Load Balancing Optimizes performance by directing clients to the AP that can best handle the connection 80% 40 Clients Two Load Balancing Options: Airtime-Based (recommended) Station Count 20% 50% 20 Clients 10 Clients
Dynamic Airtime Scheduling With Contention, Fast Clients Wait for Airtime and Perform Like the Slowest Client 2 Fast Clients Throughput Speed of the network is subject to the slowest client Throughput 1 Slow Client, 1 Fast Client Slow Client Slow Client Time Fast Client Fast Client Dynamic Airtime Scheduling Allows Fast Clients to Transmit more Packets, Finish Quickly and Free Up the Air for the Slow Clients Faster clients dramatically improve their performance without impacting slower clients 2 Fast Clients 10x faster 1 Slow Client, 1 Fast Client Time
Enhanced Visibility and Control • Client Health Score at a glance…understanding a client’s health. Automatically Remediate Client & Network Issues • Move Clients • Band steer or load balance clients triggered by low client health score • Airtime Boost • Boosts clients’ airtime if unable to hit performance target • Click for details • & Click again for spectrum Visibility and Control Detail
Application Visibility and Control? SSID4 ? SSID7 ? SSID6 ? SSID8 ? SSID5 ? SSID9 ?
L7 Perspective Historical Filters Most Used Applications By Bandwidth Usage Heaviest Users Users By Device Type Top Apps by number of client devices
Aerohive Switching Platforms SR2024 SR2124P SR2148P 24 Gigabit Ethernet 48 Gigabit Ethernet 8 Ports PoE+ (195 W) 24 Ports PoE+ (408 W) 48 Ports PoE+ (779 W) 4 Ports 1G SFP Uplink 4 Ports 10 Gigabit SFP/SFP+ Uplink Routing with 3G/4G USB support and Line rate switching 56Gbps switching 128Gbps switching 176Gbps switching Single Power Supply Redundant Power Supply Capable
Deployment Scenarios – Small Branch Deployment Scenarios - Teleworker HQ Cloud VPN Gateway (VPN Concentration) 3G/4G Primary/Backup WAN/VPN Gateway Cloud Service Platform Internet HiveManager Online Guest Access Corporate Access via VPN & Internet via Cloud Security Home Network - Internet Access Only Corporate Access
Network Policy • Automatic policy template and sections • Flexible and allows changes as needs evolve • Single SSID and User Profiles across network policies
Unified Wired and Wireless Policy Wi-Fi One-Time Port Provisioning Can be applied to one or thousands of devices Switching Routing VPN Firewall Bonjour
Reduced Capex and Opex Less Operational Costs Less Infrastructure Costs Cloud Management Self Healing Zero Touch Provisioning Client Health Score Client Health Score