In September and October, I visited the partner update from Aruba and the Airhead Technical Event in The Netherlands as well. I started the vendor neutral wireless certification path to learn more about other vendors as well, so I was interested in this event and thought it was a great opportunity. Up to this point, I knew about Aruba, but had never come in contact with Aruba. In the beginning, it was hard to place some concepts in the big picture because all the terms were new for me. After asking some questions to one of the Aruba engineers and Google, a lot of pieces fell in the right place.
The theme was Mobile first and cloud based.
Airwave/Central, the network management tool.
Clearpass Introspect, the security tool.
NetInsight, the analysis tool.
Meridian, the LBS tool, DS Meridian Platform
Aruba Introspect is an AI-based analysis that gives good insight and information about attacks and malicious users and devices. In combination with Clearpass (Aruba’s RADIUS solution) you have a great overview of who is connected to your network and who might be a threat to your network. For more information about Introspect, please visit the following page: SB IntroSpect
As you can read in the data sheet, you see that Aruba is looking into the future where the devices per person that visit your company and the IoT devices increase.
Another hot topic was API. Aruba gives the opportunity to make scripts to make life easier. I was visiting the event more from a wireless perspective, but the API in combination with their new campus aggregation/access switch Aruba 8400 was for sure interesting. The operating system for the 8400 has an open API so you can easily make some scripts in Python (or REST). Making those scripts makes troubleshooting and root cause analytics easier on this device. The newest switch is also database driven, which makes it easier to do a rollback to the latest version. Ever made a configuration mistake and it took you a long time to rollback? This is a solution for that. And last but not least there is a GUI where you can add widgets for easy analysis or your own programmable widget.
8400 Series
Besides the new 8400 switch, they also announced a new wireless controller: the 7280 which is almost identical to the 7240 series. The differences are that the 7280 has 8x 10GBASE-X and 2x 40GB ports, compared to the 4x 10GBASE-X ports on the 7240.
The session I was looking forward to was the presentation about the new ArubaOS 8 and specific information about the Live Update feature that is new in ArubaOS 8.1. In the newest OS, there is a new component, the mobility master. First it was not clear to me where this comes in the big picture, since you have AirWave for centralized management. With the Mobility Master between your WLC and AirWave, it is possible to use the new features and capabilities from the newest ArubaOS.
Some nice features that are only supported in the Mobility Master are:
AirMatch:
AirMatch is the enhanced Adaptive Radio Management (ARM), 802.11k.
Controller Clustering:
Controller clustering gives the possibility to cluster 12 controllers in one cluster. This gives the user a seamless experience in big campuses.
In-service module upgrade:
Most features are becoming services—it is possible to stop/start a single service without rebooting the entire system.
MultiZone:
MultiZone gives the possibility to separate management and data traffic with an “Air Wall” between it. It is also possible that a single user always, even after roaming, connects to the same controller even when the access point is not associated with that controller. It can load balance users during roaming. Also, you have the possibility to have different SSIDs managed on two different controllers but on the same access point. This separates Guest Wi-Fi and Production/Office Wi-Fi.
Live Upgrade:
Ever had a hospital in your client portfolio? Ever tried to manage an OS upgrade? Aruba has a new feature called “live upgrade.” To be honest, I was pretty skeptical over this feature, upgrading with no downtime? But it is possible with Aruba. What is needed: two WLCs and at least one Mobility Master and the access points need to be redundant as well.
The controller still needs a reboot during the upgrade process. So, how does this feature work? Here the Mobility Master (MM) comes in place. When the MM failover, all the access points move to the secondary controller. This has no impact since both controllers are in the same cluster. After that, the MM upgrades the primary controller to the newest version and it will reboot the controller as well. Since there are no access points on this controller, this has no impact for the users.
When the primary controller is upgraded, the MM uses the Aruba mechanism that failover the access points one by one. During this failover, the access point needs a reboot (to install the software). It is not possible to failover all the access points together, since there will be a network outage. Since a requirement is that there needs to be a second access point close, the mechanism lets the clients roam to another access point to ‘free up’ the access point and reduce the impact during the failover/upgrade (since there are no clients associated). This mechanism helps the client smoothly roam to another access point, so there is no “panic roam.” This process takes a while, but it can be on the fly. I have never tested this, but it sounds like a valid option.