© 2012 Aerohive Networks CONFIDENTIAL Redefining Enterprise Access AEROHIVE BYOD OVERVIEW

© 2012 Aerohive Networks CONFIDENTIAL

Redefining Enterprise Access

AEROHIVE BYOD OVERVIEW


Introduction to Aerohive:

2

• Visionary Network Infrastructure Company› Redefining Enterprise Access› Cloud-enabled, Controller-less Wi-Fi,

Routing, VPN, Switching› Growing 2-3x y/y› 7000+ Customers› 450+ Employees› Most Visionary Vendor - Gartner MQ

for Wired & Wireless LAN 2012Branch & Teleworker Routers / Switches

Enterprise Wi-Fi

Cloud Services Platform

Public Partner Private (on-premise)

Gartner MQ

EducationEnterpriseHealthcare Retail Logistics

© 2012 Aerohive Networks CONFIDENTIAL3

Autonomous APs-Limited Intelligence

- No RF / Network Awareness

- Hard to manage (Managed directly)

Security, Manageability & Mobility

Centralized Control- Centralized Intelligence

- Auto RF- Secure seamless roaming- Ease of management- Single points of Failure- BW Bottleneck- Increased Cost

Cooperative Control - Distributed

Intelligence- Auto RF- Secure seamless

roaming- Ease of management - Increased Reliability- Improved Performance- Reduced Cost- Cloud or Centralized

management

Made possible by Moore’s Law

802.11b/a 802.11g 802.11n 802.11ac

2007 20101999 2003

Enterprise Wi-Fi Networking EvolutionS

cala

bilit

y, R

esilie

nce


Future-Proof Infrastructure

Cooperative Control ArchitectureProtocols are:Granularly & Infinitely Scalable, Resilient, Intelligent, Self-healing, Plug-n-play, and Free. Yes, Free.


New Requirements of the Network Edge

5

Users want to work anywhere, on any device

You need to enable them, without drowning in complexity

$XYesterday Today

• Corp deployed enterprise devices

• WLAN overlay

• Network centric

• Monolithic

• Corp / BYOD enterprise / consumer devices

• Ubiquitous Wi-Fi Access

• User Centric

• Elastic

Cloud-enabled, self organizing, service aware, identity-based infrastructure

Aerohive Networks - Simpli-fi Enterprise Networking


802.11ac

Device Evolution

10

Com

pu

te P

ow

er

802.11b/a 802.11g 802.11n

20031999 2007 2010

Made possible by Moore’s Law


Huge Questions on Device Ownership and Management

7

What is the difference between these iPads?

AlmostEverything

Consumerization of IT• Consumer devices qualified,

bought and deployed by IT• Replace legacy devices

• Lower HW costs• Flexible, powerful

• Enable new working models

BYOD• Enable employees to bring their device of choice

• Not owned or controlled by IT• Wide range of devices• Driven by employee satisfaction and shifting of CapEx spend

EmbraceMDM Agents on Devices

More App Flexibility

ContainNetwork-based MDM

Secure Apps Only (e.g. VDI, Citrix)


Limited Access Zone: The Third “Network”

Limited AccessZoneCorporate Network

Managed Device

Credentials

Guest Network

Managed Device

Credentials

Managed Device

Credentials


BYOD and Corp Deployed Devices

Access defined by ID & Device

RADIUS

PPSKCWP

L2-7 Firewall

Corp userCorp user - BYODGuest user

CORP Policy

Corp VLAN

LAN & Web FW

10Mbps per user

24HR Access

BYOD Policy

Restricted VLAN

Email & Web FW

5Mbps per user

M-F 8am-9pm

GUEST Policy

DMZ

Web Only FW

1Mbps per user

M-F 9am-5pm

User Profiles

9

OS Detection

MDM Enrollment

Bonjour Gateway

www Corp

Guest, BYOD

AppleTV(AirPlay)

Printer(AirPrint)

Bonjour

wwwCorp

MDM

QuarantineEnroll

BYOD & MDM Bonjour GW

© 2012 Aerohive Networks CONFIDENTIAL 10

Network-based - Mobile Device Management

Personal Device Access (BYOD)

et to work with only one device

Corporate Deployed - Consumer Device Access (iPad)Self-registration with AD or Preconfigured802.1X or Assigned unique Private-PSKDevice can be determined by various means Policy applied based on role or identity limiting

access and applying QoSVDI protocols can be prioritized

InternetCorp

HRemail

VDI

Active Directory

Access(SSID)

Corp (SSID)

Private PSK

Personal iPhone

Corporate access to email only and internet

Captive Web

Portal

User Agent• Safari• iOS4, • iPhone 4

Corp iPad (business APPs only)

Private PSK

Or802.1X

SaaS

Corporate access to business APPs only


Use of Discreet Components:Better Quality Signal, Less APs, Balanced Links

11

Using discrete radio components• High-powered radios are discrete components, affording the

opportunity to improve receive sensitivity by also using better receive components (e.g. Low-Noise Amp (LNA))

• Superior receive sensitivity can improve upstream performance, especially of low-power consumer devices, balancing the AP/client link

AP Tx

AP Rx

AP Tx

AP Rx

Marginal Performance

AP Tx

AP Rx

Increase AP Density/Reduce Power

AP Tx

AP Rx

Increase AP Receive Sensitivity


Band Steering

12

Directs Clients between 2.4GHz & 5GHz Radios (bi-directional)

Three Band Steering Options:

1. Balanced Ratio (recommended)

2. Urge 5GHz Use

3. Force 5GHz Use2.4 GHz

5 GHz

1. AP Detects Dual-Band Capable Clients2. AP Selectively Responds (based on configured policy)3. AP Responds Immediately to Single-Band Clients


Load Balancing

13

Optimizes performance by directing clients to the AP that can best handle the connection

Two Load Balancing Options:1. Airtime-Based

(recommended)

2. Station Count

20%

50%

80%

40 Clients

10 Clients

20 Clients


Time

2 FastClients

1 Slow Client, 1 Fast Client

With Contention, Fast Clients Wait for Airtime and Perform Like the Slowest Client

Dynamic Airtime Scheduling

14

Time

2 FastClients

1 Slow Client, 1 Fast Client

Dynamic Airtime Scheduling Allows Fast Clients to Transmit more Packets, Finish Quickly and Free Up the Air for the Slow Clients

Th

rou

gh

pu

t

Fast Client

Slow Client

Speed of the network is subject to the slowest client

Th

rou

gh

pu

t

Fast Client

Slow Client

Faster clients dramatically improve their performance without impacting slower clients

10

x fa

ste

r

Airtime Capacity

Airtime Capacity


Client Health Score at a glance…understanding a client’s health.

Enhanced Visibility and Control

15

Automatically Remediate Client & Network Issues

• Move Clients› Band steer or load balance clients triggered by low client health score

• Airtime Boost› Boosts clients’ airtime if unable to hit performance target

Visibility and Control Detail

Click for details & Click again for spectrum


Enhanced Visibility and Control

16


Application Visibility and Control?

VIP (Executive)

All Applications

SSID1

Employee

Limit YouTube

SSID3

Contractor

Block YouTube

SSID2

VIP (Executive)VIP (Executive)

All Applications

Contractor

Block YouTube

Contractor EmployeeEmployee

Limit YouTube

SSID4 ?

SSID5 ?

SSID6 ?

SSID7 ?

SSID8 ? SSID9

?


L7 Perspective

Historical Filters

Most Used Applications By Bandwidth Usage

Heaviest Users

Top Apps by number of client devices

Users By Device Type


User Drilldown


BYOD and Client Trend reports


Aerohive Switching Platforms

21

SR2124P SR2148P

24 Gigabit Ethernet 48 Gigabit Ethernet

4 Ports 1G SFP Uplink 4 Ports 10 Gigabit SFP/SFP+ Uplink

8 Ports PoE+ (195 W)24 Ports PoE+ (408

W)

128Gbps switching56Gbps switching 176Gbps switching

SR2024

48 Ports PoE+ (779 W)

Routing with 3G/4G USB support and Line rate switching

Redundant Power Supply CapableSingle Power Supply


Internet

HiveManager Online

HQ

WAN/VPN Gateway

Cloud VPN Gateway(VPN

Concentration)

Cloud Service Platform

Deployment Scenarios - Teleworker

22

Corporate Access via VPN

& Internet via Cloud Security

Home Network - Internet Access Only

3G/4G Primary/Backup

Corporate Access

GuestAccess

Deployment Scenarios – Small Branch


Network Policy

23

• Automatic policy template and sections› Flexible and allows changes as needs evolve› Single SSID and User Profiles across network policies


Unified Wired and Wireless Policy

24

Wi-Fi

Switching

RoutingVPNFirewallBonjour

One-Time Port Provisioning Can be

applied to one or thousands of devices


Less Operational Costs

Less Infrastructure Costs

Reduced Capex and Opex

25

Client Health Score

Good connection

High data rates & high successful transmission rates

Marginal connection

Lower data rates / lower successful transmission rates

Poor connection

Low data rates / low successful transmission rates

Cloud Management

Zero Touch Provisioning Self Healing

Client Health Score


THANK YOU!

26

Documents

© 2012 Aerohive Networks CONFIDENTIAL Redefining Enterprise Access AEROHIVE BYOD OVERVIEW