Ready

2@ArubaNetworks | #ATMMeetup
EDGE SOFTWARE PLATFORM
SD-WANWirelessWired
INFRASTRUCTURE
LIFECYCLE
READY
INFRASTRUCTURE
READY
SECURE POLICY
READY
ARUBA EDGE ARCHITECTURE
CAMPUS | BRANCH | DATA CENTER

INFRASTRUCTURE
READY

CUSTOMER NETWORKING CHALLENGES
IN THE EDGE-CLOUD ERA
Legacy Networks
Can’t Keep Pace
Aging, oversubscribed
infrastructure inhibits
IT agility and digitalization
Fragmented
Operations
Closed, disparate OSes
and operating models
with complex licensing
overtaxes IT
Constrained Control
and Visibility
Fragmented data with remote
analytics can’t offer the depth
of actionable insights needed
How Can IT Deliver the
Digital Experiences of the Future?

ARUBA CX SWITCHING PORTFOLIO
NEW INNOVATIONSBUILT-IN AUTOMATION & ANALYTICS DESIGNED FOR THE NETWORK OPERATOR
Advanced analytics and
intelligent configuration
workflows for operational
simplicity
Next-gen chassis &
stackable switches with
differentiation at every
layer
NetEdit 2.0 with
NAE IntegrationAOS-CX CX 6300 and CX 6400
Series Switches
5th major release extends
cloud-native OS to campus
access
Time-Series Database
Network Analytics Engine
100% REST APIs
Accessible from System, NMS or Cloud
AOS-CX
State Database
Micro-Services
Architecture
10.4

AOS-CX:
BUILT ON CLOUD-
NATIVE PRINCIPLES
Time-Series Database
Aruba Network Analytics Engine
100% REST APIs
Accessible from System, NMS or Cloud
AOS-CX
State Database
Micro-Services
Architecture
Modular OS Full Programmability
Resiliency by Design Elastic &
Scalable
Source: Gartner - Top Emerging Trends in Cloud Native Infrastructure (May’19)

5TH MAJOR RELEASE: AOS-CX 10.4
CORE-PROVEN RELIABLITY, NOW WITH 140+ ACCESS LAYER FEATURES
MP-BGP EVPN
over VXLAN
IoT
Guest
BYOD
Corp Office 365
Academic
Records
n0tma1ware
.biz
AirGroup
Dynamic
Segmentation
Scalable, switch-to-
switch segmentation for
data center and now
campus networks
Secure, unified access
across wired and
wireless for users and
IoT, enabled by
policy-based
automation
EXTENDED TO ACCESS AND AOS-CX
Always-
On PoE
Enable APs, healthcare
devices, sensors, and
IoT devices to be
powered on 100% of
the time

ONE PORTFOLIO
FOR EDGE ACCESS
TO DATA CENTER

STREAMLINING
NETWORK OPERATIONSCONSISTENT ARCHITECTURE AND OPERATING MODEL FROM EDGE ACCESS TO DATA CENTER
Other Vendor Approaches Aruba CX Approach
Aruba CX
vs
Architecture A Architecture B Architecture C
STORE HQ CAMPUS DATA CENTER
Multiple OS
Management
Software
Licensing
Headaches
Various
Platform
Constraints
Cross-
Domain
Complexity
STORE HQ CAMPUS DATA CENTER
Simplified
Design
No Software
Licensing
DC-Class
Performance
Improved IT
Efficiency

Access Aggregation Core Spine Leaf
ARUBA CX SWITCHING
FOR THE ENTERPRISE
NEW PLATFORMS COMPLETE END-TO-END SWITCHING PORTFOLIO
One Operating System. One ASIC Architecture. One Operating Model.
CX 6300
CX 6400
CX 83xx
AOS-CX
Data CenterCampus
Deep buffers
Large tables
Carrier-class HA
Top of Rack
Small Core
Campus Agg
Modular
High-density access
Core and Agg
Stackable
Access and Agg
Diverse closet scale
CX 8400

ARUBA CX 6300
FLEXIBLE, STACKABLE SWITCHES BUILT FOR THE FUTURE
Future ready: 1/10G to 25/50G uplinks
for scale and investment protection
Flexible growth: VSF stacking
for ease of management and
collapsed architectures
Built for Wi-Fi 6: Smart Rate on all
ports and 60W always-on PoE
880G
Capacity
2880W
60W PoE
10 member
Stacking
7
Modular power
switches
4
integrated
power switches
1
operating
model

ARUBA CX 6400
PERFORMANCE, SCALE, AND HIGH AVAILABILITY
Flexibility and scale:
From 1G PoE access to 28T core
Data center class performance:
Data center class non-blocking,
distributed architecture and no
oversubscription
Built for Wi-Fi 6: Up to 480 ports of
Smart Rate and 60W always-on PoE
Future ready: Up to 2.8T per slot and
20 Bpps, 1G to 100G interfaces
High availability: Live Upgrades with
VSX, redundant hot swappable power
and fans
15x more
bandwidth1
30% higher
PoE density1
100% greater
multi-gig density1
5
access line
cards
1
operating
model
3
core/agg
line cards
2
chassis
options

ARCHITECTURE MATTERS
ARUBA GEN7 ASIC
Flexible
Programmability
Dynamic programming of
network resources for
use case optimization
Faster
Innovation
Tight integration between
hardware and software
gets new capabilities to
market faster
Non-Blocking
Performance
High-performance VOQ capability
prevents head-of-line blocking,
optimizing use of all ports
30+Years of IP
7thGeneration Architecture

Mobility Master
(VA)
Mobility
Controllers
(MC-VA)
Mobility
Controllers
(MC-VA)
• Seamless roaming experience
with controller clustering
• Automated user & AP load-balancing in
a controller cluster – better use experience
in congested area with more even
distribution
• No disruptions to real-time voice/video
apps – seamless controller failovers
and seamless core failovers
• Live Upgrade – perform maintenance
without downtime on your core or mobility
infrastructure, no maintenance window
needed
Mobility Master
(HW)
AOS-CX (VSX)
INCREASE NETWORK AVAILABILITY

IMPROVED EXPERIENCES WITH WI-FI 6 (802.11ax)
PROBLEMS IT WILL SOLVE
Degraded client performance in
dense WLAN use-cases with typical
enterprise data traffic
Networks deployed now may not be
ready to deal with the continued
growth in client device numbers,
their bandwidth demands, and the
broad mix of client types
IMPROVEMENTS
Improved system efficiency,
resulting in significantly increased
average client performance
Significant power savings
opportunities for client devices
Ability to provide optimized data
pipes of varying bandwidths to broad
range of client device types
Much more robust and longer-range
outdoor links
COMMON CONCERNS
Limited number of clients today
– Many are coming soon, and being
prepared is a good thing
Products readiness
– APs have been out for ~1yr now
Have to upgrade my wired network
- No, existing infrastructure can be
used with PoE aggregation
There may be a price premium
- The difference between Wi-Fi 6 over
Wi-Fi 5 (802.11ac) is quite small

WHAT IS THE STATE OF WI-FI 6?
Ratification of
the amendment
expected by
January 2020
Launch of WFA
certification
program (R1)
expected by
August 2019
Prerequisites: WPA3,
MBO and ac/n
Key features in R1:
DL/UL-OFDMA (m),
DL-MU-MIMO (m*),
TxBF (m*), TWT (m),
20MHz-only STA (m),
160MHz (o)
Key features NOT in
R1:
UL-MU-MIMO, Spatial
Reuse, 80+80
Chipsets and
drivers almost
there
Early versions available
now, mature solutions
not quite there yet
Beware: some are not
SW upgradable to
Wi-Fi 6 compliance,
others come with early
incomplete/unstable
drivers
Client devices
coming in 2019+
Switches
Multi-gigabit
Ethernet (HPE
Smart Rate,
802.3bz) available
now on the Aruba
2930M, 3810 and
5400R switches
60 Watt PoE
802.3bt
Started shipping
AP-515
We don’t use draft
chipsets. Will
pass R1 WFA.
20192018Mid-2018 Mid-2019 20202019
Launched the
AP-530 series
Aruba’s Wi-Fi 6
flagship models
Launched the
AP-555

First/Early to market with software-
upgradable products that are Wi-Fi
Alliance certifiable
It’s in our DNA and makes
business-sense. We won’t use draft
chipsets for throwaway platforms
We’ll deliver Wi-Fi 6 with quality,
stability, and reliability
Wi-Fi 6 must be built from the
ground up and futureproofed
without early adopter pain
We’ll differentiate with AP & system
level features at a range of price
and performance points
The new radio is one piece of our
overall solution, and adds value to
all platform types
AP-515
4x4 / 2x2
2.5 / 1.0
802.3at
AP-535
4x4 / 4x4
5.0 / 5.0
802.3at*
AP-555
8x8 / 4x4
5.0 / 5.0
802.3bt*
ARUBA’S WI-FI 6 STARTING LINEUP
FAMILY OF ARUBA WI-FI 6 APS INTRODUCED IN 2018

Our next release will be the
entry level Wi-Fi 6 AP.
With our flagship models
introduced, we are focused on
delivering the lower cost
offerings.
High-performance Wi-Fi 6
hospitality APs
Coming soon
High-performance Wi-Fi 6
outdoor series
Coming soon
AP-504/505
2x2 / 2x2
1.0
802.3at
ARUBA’S WI-FI 6 UPCOMING MODELS
ROLLING OUT THE REST OF ARUBA’S WI-FI 6 PORTFOLIO

Hazardous locations are
defined as environments
where concentrations of
flammable gases, vapors
and dust occur.
Electrical equipment must
be designed and tested to
ensure they don’t initiate an
explosion
WHAT IS A HAZARDOUS LOCATION? WHAT IS A HAZARDOUS LOC
AVAILABLE
NOW
AP-375EX

WI-FI GOES GREEN FOR DIGITAL WORKSPACES WITH THE 5XX SERIES
Built-in Green AP “Deep Sleep Mode”
support in Aruba 5XX series.
With the help of AI/ML, NetInsight will
identify underutilized APs.
N.I. puts underutilized APs into Deep
Sleep Mode, while ensuring sufficient
coverage remains in the area.
Up to 72% in power can be saved
(from approx. 21W to 6W).

ARUBA ACCESS POINTS AS AN IOT PLATFORM
Multiple radio access
networks (Multi-RAN)• Stream your IOT telemetry data to any destination
• Over 400 certified partners with more ever quarter
• Interoperability certifications are fully backed by complete
QA suite, detailed solution, and API documentation
Wi-Fi 6
(802.11ax)
Bluetooth 5 &
BLE
802.15.4
includes
Zigbee
Custom
Protocols
802.15.4 IoT
expansion radio
Coming soon

AOS 8 SOFTWARE UPDATE
Security
• Role-to-role ACL support
• WPA3 enhancements
• RAP external whitelist with cluster
WiFi 6 Feature Extensions
• UL/DL OFDMA, Beamforming, BSS Coloring
• MBO Support
IPv6 Enhancements
• L2/L3 MM Redundancy
• Centralized Licensing
• IPv6 Policy Based Routing
IoT Management
• Telemetry interface VLAN
• 802.15.4 chipsets (Zigbee)
Usability Enhancements
• IoT Transport Profile in UI
• New ap-provisioning admin role
• File management in MM UI
• Disconnect/Blacklist clients from MM UI
Aruba Instant
• MAC Auth Survivability
• WiFi Uplink
• Higher ACL scale and Improved Roaming

SIMPLE CONFIGURATION: ENOCEAN EXAMPLE
Controller
AP
Web Server
JSON POST
IOT Profile
Internet/LED off
API Call
iot transportProfile "enocean"
serverType Telemetry-Https
serverURL "https://10.70.3.3/test.html"
deviceClassFilter enocean-switches
deviceClassFilter enocean-sensors
include-ap-group "School"

LIFECYCLE READY

DHCP Response
Secure Onboarding with embedded
TPM chip on all Aruba devices
Ease of use, Zero touch to
provision APs, switches, controllers
Create Bulk Config to push to
large, complex networks
Complete Trust Zero Touch Scale
DHCP Request
MD then reaches out to MM
with Serial #, MAC addr, cert
MD reaches out to Activate
with Serial #, MAC addr
Activate authenticates device
and redirects to MM IP and
provides cert
MM authenticates device and then
pushes down config, image
Aruba
Activate
DHCP
Server
TPM Chipset
MM registers with Activate
and provides cert
ZTP FOR SECURE AND FAST DEVICE DEPLOYMENT

TURNING NETWORK TELEMETRY
INTO ACTIONABLE INSIGHTSINTELLIGENT PRE-PROCESSING WITH ARUBA NETWORK ANALYTICS ENGINE
vs
Aruba NetEditProbes and Show
Commands
Telemetry
Streaming
Third-Party
Monitoring Tools
>_
Needle in the
haystack
Latency and large,
unfiltered data sets
Manual correlation
and limited
actionable insights
Difficult to
recreate and/or
identify issues
Delays in data
processing and
analysis
Resource
intensive with
longer MTTR
Real-time,
network-wide
visibility with
actionable data
24/7 network
technician built-in
to every switch
Automated
monitoring for
rapid detection
of issues
Other Monitoring Approaches Aruba CX Approach
CX Access CX Access CX Access
CX Core
NAE integrated everywhere in network

Transceiver Diagnostics for Health
and Failure Root Cause
VSX Health Monitor to Highlight
VSX Stability
Monitor and Change Route when
Failure Detected
Predictive Fault Finder for General
Network Health
VoIP monitor based on IPSLA
transactions
MAC and ARP Count Analytics to
Ensure Proper Device Load
IT Workflow Integrations
ITSM integrated change mgmt.
with ServiceNow / TopDesk
Proactive Email notifications for
critical events and errors
Auto-config archiving with TFTP
config updates
Network Health Reporting Proactive Monitoring
CUSTOMER USE CASE CO-DEVELOPMENT
Deep R&D engagements with numerous customers, delivering customer focused solutions
NAE Scripts Published on Aruba Solutions Exchange (ASE)
CUSTOMER FOCUS
BRINGS ANALYTICS TO LIFE

ANALYTICS AND AUTOMATION
POWERED NETWORK OPERATIONS
AUTOMATED CONFIG MANAGEMENT WITH ARUBA NETEDIT
CX Mobile App
Search
Edit
Validate
Deploy
Audit
Troubleshoot
Management Simplicity
Topology for fast view into network health, including devices with config issues
GUI-driven solution configs to implement common configurations
easily across multiple systems
Auto-Change Verification to minimize change windows and reduce errors
Continuous Validation to monitor for deviations from intended policy or design
Visibility and Analytics via NAE
Embedded analytics with real-time health status and
diagnostics for efficient root cause analysis
Health reports on devices, apps, and network services
Script tags indicate what layer is contributing to issues,
speeding root cause analysis
Workflow Integration with 3rd Party Tools
Immediate notifications from Slack, TOPdesk, ServiceNow, etc.
One Touch Deployment with Aruba CX Mobile App
Accelerate day zero config, view and manage using your mobile device

SAVE TIME AND REDUCE RISK
WITH NEXT-GEN CONFIG EXPERIENCE
ARUBA CX APPROACH
1. Translate audit findings into specific config changes
2. Make changes using simple GUI-driven workflows, pan-network
3. Done!
LEGACY APPROACH
1. Translate audit findings into specific config changes
2. Identify which/where Config Templates are at variance
3. Identify individual switches at variance with Templates
4. Script CLI changes for each unique config group
5. Config change review meeting to find errors & validate
6. Push to each switch where required, one-by-one
7. Spot-check switch configs for best-effort assurance
8. Spot-check for unintended consequences to network
9. Update and create new Config Templates as needed
10. Document switches at variance w/ Templates for future
Aruba NetEdit
Use Case Insurance co must rapidly update network configurations after compliance audit
Command-line scripting

SIMPLIFYING THE
OPERATOR EXPERIENCE
FROM DAY 0 THROUGH DAY 2 OPERATIONS
New switch and its config are
automatically imported
Install a new switch to the
network using mobile app and
connect to management
Manage, automate, validate,
and verify configuration and
network state including
compliance
Resolve issues using always-on
monitoring with built-in
diagnostics and dynamic actions
within every node

SECURE POLICY
READY

Services enablement for Financial Services PCI compliance for Retail
Operational simplification for Higher Ed Wired security without 802.1x in K-12
Use case: Desktop team needs to upgrade/update
PCs, but ran afoul of IT policies for Internet
access
Use case: PCI compliance for apparel retail shops as
part of an overall Aruba branch solution
with ZTP
Use case: Segmentation by department across
campuses
Use case: Strongly prefer Wireless policy model to
Wired where today build out ACLs for each
new device
Finance Enterprise Global Retailer
Leading University School District
USE CASES ARE COMPELLING

Campus
Controller
Cluster
Corp
BYOD
IOT
Guest
Office
365
Academic
Records
n0tma1ware
.biz
AirGroup
Access
Point
Access
Switch
Users &
Devices
Applications &
Destinations
ClearPass
Roles are
“Dynamic”
“Segmentation” refers to
the separation of traffic
Solution Requirements:
Aruba 2930F, 2930M, 3810 and 5400R Campus Switches (Requires ArubaOS-Switch 16.04 or later)
Aruba Mobility Controllers with AOS 8.1
Aruba Branch Gateways with ArubaOS 8.4 and Aruba Central 2.4.3
Aruba ClearPass Policy Manager
DYNAMIC SEGMENTATION: FAST AND SIMPLE

• Extend Services across Networks
VXLAN extends service layers across fabrics and sites
• Expand solution for more network deployments
More flexibility with choice of L2/L3 access &
centralized/distributed fabric
• Offer multi-tenancy
More granular network service partitions for sub-tenants
with VRF
Enhancements with AOS-CX
Architectural Benefits
• Global uniform policy & End-to-End Segmentation
Centralized policy extending segmentation across multiple
sites
• Cloud ready architecture
Agility to move workflows and management to cloud
• Common Architecture
Similar solution for campus, branch and data-centers
Policy, Provisioning, Orchestration
Management
Wired Wireless IOT
Clients
Tunnel-to-Controller (Services)
Orchestrated
Fabric
Network
Core
Access
Firewall
Aggregation
Application
DC Leaf
WAN
Controller as
Service node
ARUBA NEXT-GENERATION DYNAMIC SEGMENTATION
AOS-CX enhances performance and scalability – broadens campus network capabilities

Services enablement for Financial Services PCI compliance for Retail
Operational simplification for Higher Ed Wired security without 802.1x in K-12
Use case:
Solution:
Desktop team needs to upgrade/update PCs, but
ran afoul of IT policies for Internet access
Tunnel the authorized Desktop team traffic to
DMZ Controller then let out to Internet
Use case:
Solution:
PCI compliance for apparel retail shops as part of
an overall Aruba branch solution with ZTP
ZTP the Switch and Tunnel all wired traffic from
specified ports (PPTN) to Controller with Firewall
Use case:
Solution:
Segmentation by department across campuses
Tunnel node provides the needed segmentation
even if the user roams across the buildings
Use case:
Solution:
Strongly prefer Wireless policy model to Wired
where today build out ACLs for each new device
Tunnel user traffic esp PCs behind phones and
users behind ‘dumb’ switches, then MC services
Finance Enterprise Global Retailer
Leading University School District
“The desktop team is happy, and
it’s simple for the network team”
“The SSID becomes the
jack in the wall”
“D.S. will simplify 15,000
ports for us”
“This allowed us to by pass
complexity in 1000’s of stores”
USE CASES ARE COMPELLING

CAMPUS | BRANCH | DATA CENTER
SD-WANWirelessWired
Mobile-First
Flexible
Available
ZTP
Automation
Insights
Unified
Role Aware
Scalable
LIFECYCLE
READY
INFRASTRUCTURE
READY
SECURE POLICY
READY
ARUBA EDGE ARCHITECTURE

Thank You

Ready

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Ähnlich wie Ready

Ähnlich wie Ready (20)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

Ready