Transcript AEROHIVE NETWORKS Data Connectors Honolulu Transforming Your Network into a Platform for Mobility © 2013 Aerohive Networks CONFIDENTIAL Introduction to Aerohive: • Cloud-managed Mobile Networking.

AEROHIVE NETWORKS
Data Connectors Honolulu
Transforming Your Network into a Platform for Mobility
© 2013 Aerohive Networks CONFIDENTIAL
Introduction to Aerohive:
• Cloud-managed Mobile Networking Company
› Cloud (Public & Private), Controller-less
Wi-Fi, Routing, VPN, Switching
› 5th fastest growing tech company 07-11
Cloud Services Platform
Public
» (Deloitte Fast 500 – 44,569% growth)
›
›
›
›
135% YoY growth (2011-2012)
~10000 Customers
~500 Employees
Visionary Vendor - Gartner MQ
Wired & Wireless LAN 2013
© 2013 Aerohive Networks CONFIDENTIAL
Visionary Gartner
Magic Quadrant 2012
Unified
Access
Unified
Access
Gartner MQ
Private
(on-premise)
for
Enterprise Wi-Fi
Visionary Gartner
Magic Quadrant 2011
Wi-Fi
Wi-Fi
Partner
Branch &
Teleworker
Routers
Access
Switches
Visionary Gartner
Magic Quadrant 2013
Unified Access
2
New Requirements of the Network Edge
Users want to work anywhere, on any device and access any App
You need to enable them, without drowning in complexity
$
X
Security
Performance
Reliability
Yesterday
Cost
Today
• Corp deployed enterprise devices
• Corp / BYOD enterprise / consumer devices
• WLAN overlay
• Ubiquitous Wi-Fi Access
• Network centric
• User Centric
• Monolithic
• Elastic
Aerohive Networks - Simpli-fi Enterprise Networking
Cloud-enabled, self organizing, application aware, identity-based infrastructure
© 2013 Aerohive Networks CONFIDENTIAL
3
Customer Focus
Healthcare
Retail / Logistics
Education
Distrib. Enterprise
Intelligent, scalable, cost effective, resilient infrastructure
© 2013 Aerohive Networks CONFIDENTIAL
4
Enterprise Deployments
HQ
Virtualized Mgmt &
VPN Termination
Wi-Fi Primary Access
Guest, Corp, BYOD
Branch
Retail
Guest, Corp,
BYOD
Data Center
Unified Wired, Wi-Fi, VPN, FW
Credit Cards. PCI,
Inventory, Voice, Kiosks
Logistics
Performance, Contextual Policy Enforcement,
Unified Access Layer, MDM enrollment
Edu
Cloud-enabled
Coverage, Reliability,
Voice Picking, Outdoor
Apple TVs
iPad1:1
Teleworker
Faculty,
Guests
High Density, AD integration, Bonjour, Ease of Use
© 2013 Aerohive Networks CONFIDENTIAL
Healthcare
Work, Home, 4G,
Cloud Security
EMR, eMAR, Asset
Tracking, Voice Messaging
5
Distributed (Controller-less) Wi-Fi Architecture
Delivering simplicity, reliability and affordability
Management
Management within the
network only
Centralized cloud-based or
Local management
Redundancy
Requires multiple controllers
No single point of failure
Local data forwarding..what
do you lose?
Self healing mesh architecture
No controller tax
Scalability and future proofing
No feature licensing
Start small and grow
Distributed intelligence
Controller capacity?
Feature licenses?
(FW, RADIUS, CWP, BYOD, Bonjour GW)
Performance
Data bottlenecks
No data bottlenecks
QoS, Spectrum analysis..$$$
Service Level Agreements
QoS & Spectrum analysis included
© 2013 Aerohive Networks CONFIDENTIAL
How does it work?
Architectural Alternatives
Central Vs. Distrib. Control 6
Enterprise Wi-Fi Features
Optimization
Mobility
SLA, QoS & Dynamic
Airtime Scheduling
Layer 3
Roaming
Distribution
Band
Steering
Load
Balancing
450Mbps
54Mbps
11Mbps
2.4 GHz
5 GHz
High Powered Radios,
Receive Sensitivity & RRM
© 2013 Aerohive Networks CONFIDENTIAL
Layer 2
Roaming
Layer 2/3 Roaming
Resilient
Mesh
7
Receive Sensitivity
BYO and Corp Deployed Devices
Access defined by ID & Device
MDM Enrollment
User Profiles
Corp
GUEST Policy
BYOD Policy
CORP Policy
DMZ
Restricted VLAN
Corp VLAN
FW = Web Only,
Limited Apps
FW = Email &
Web, Permitted
Apps
FW = LAN & Web
Approved Apps
1Mbps per user
5Mbps per user
M-F 9am-5pm
10Mbps per user
Approved Apps
get priority
www
MDM
Quarantine
Enroll
M-F 8am-9pm
24HR Access
L2-7 Firewall
OS Detection
Bonjour Gateway
www
CWP
PPSK
Corp
RADIUS
Guest,
BYOD
AppleTV
(AirPlay)
Bonjour
Guest user
Corp user - BYOD
© 2013 Aerohive Networks CONFIDENTIAL
Printer
(AirPrint)
Corp user
L7
BYOD & MDM
Bonjour GW
8
Security and Authentication Features
Captive Web Portal
Multiple CWPs able
to serve scalably
from every AP
Private PSK
Multiple users, same
SSID - easy but unique
revocable keys
Wireless Intrusion Prevention
WIPS
Stateful L2-L7 Firewall
• MAC (L2) based firewall
• Stateful TCP/IP firewall (L3/L4)
• L7 App Visibility & Enforcement
• ALGs for DNS/FTP/SIP
• Policy Based Client Isolation
Directory Integration
Remote Site Content Security
• Authentication support for
common directory servers
• Eliminates standalone
RADIUS server
• Credential caching for
remote/branch survivability
© 2013 Aerohive Networks CONFIDENTIAL
9
Routing, VPN and Switching features
Cloud-enabled Networking
Unified Wired & Wireless Mgmt
Wi-Fi
Same
Policy and
Network
Wired
Routing / FW
VPN
Address/L3 Service
PoE-PSE, 3G/4G USB
PoE
L2 & L3 IPSec VPN
Robust Voice Support
• SIP/SCCP/Spectralink support
• Voice Enterprise (Q1)
• Detection of IP phone OS
• 802.1X/Access control
© 2013 Aerohive Networks CONFIDENTIAL
• Dynamic QoS for voice traffic
10
Branch on Demand
Monitoring and Reporting Features
Manage
Simple
GUI
Cloud
Management
Monitor
Topology &
Location Tracking
PCI
Compliance
Support
Client Monitor &
Packet Capture
© 2013 Aerohive Networks CONFIDENTIAL
Spectrum
Analysis
Management Views
11
Reduced Capex and Opex
Less Infrastructure Costs
Cloud Management
Less Operational Costs
Good connection
High data rates & high
successful transmission rates
Marginal connection
Lower data rates / lower
successful transmission rates
Poor connection
Low data rates / low successful
transmission rates
Zero Touch Provisioning
© 2013 Aerohive Networks CONFIDENTIAL
Client Health Score
Self Healing
12
Client Health Score
Aerohive AP Platforms
AP110
AP141
AP121
Indoor Industrial
Indoor
1-Radio
802.11n
2x2:2
300 Mbps
Radio
AP350
AP330
Dual Radio 802.11n
2x2:2
300 Mbps High Power
Radios
3x3:3
450 Mbps High Power Radios
AP370/390
AP170
Indoor/ Indoor
Industrial
Outdoor
Dual Radio
802.11ac/n
Dual Radio
802.11n
3x3:3 450 +
1300 Mbps
Radios
2x2:2 300 Mbps
11n High
Power Radios
2X Gig E
/w PoE Failover
1X Gig.E
TPM Security Chip
2X Gig.E with 10/100 link
aggregation
1X Gig.E
PoE (802.3af + 802.3at) and AC Power
PoE (802.3at)
No USB
USB for future use
USB for 3G/4G Modem
Plenum/Plenu
m Dust Proof
0 to 40°C/
-20 to 55°C
USB 3G/4G
Modem
$449
$649
$999
$1199
Plenum Rated
Plenum & Dust
Proof
0 to 40°C
-20 to 55°C
© 2012 Aerohive Networks CONFIDENTIAL
Water Proof (IP
68)
$1499
-40 to 55°C
N/A
Aerohive Routing Platforms
*
BR100
BR200 WP
Single Radio
AP330
AP350
Dual Radio
1x1 11bgn
3x3:3 450 Mbps 11abgn
5-10 Mbps
FW/VPN
30-50Mbps FW/VPN
Cloud VPN
Gateway
L2 & L3
IPSec VPN
Gateway
(VMware)
~500 Mbps
VPN
5X 10/100
5X
10/100/1000
2X 10/100/1000 Ethernet
1000 Tunnels
0 PoE PSE
2X PoE PSE
0 PoE PSE
2 Virtual
Interfaces
~1 - 10 Users
~1 - 50 Users
~1 - 50 Users (as a router)
$99
$699*
© 2013 Aerohive Networks CONFIDENTIAL
$999
* Also available as a non-Wi-Fi, non PoE device - $499 (BR200)
14
Aerohive Switching Platforms
SR2024
SR2124P
24 Gigabit Ethernet
8 Ports PoE+ (195 W)
4 Ports 1G SFP Uplink
SR2148P
48 Gigabit Ethernet
24 Ports PoE+ (408 W)
48 Ports PoE+ (779 W)
4 Ports 10 Gigabit SFP/SFP+ Uplink
Routing with 3G/4G USB support and Line rate switching
56Gbps switching
Single Power Supply
$1799
128Gbps switching
176Gbps switching
Redundant Power Supply Capable
$2599
$3999
Available Mid 2013
© 2013 Aerohive Networks CONFIDENTIAL
15
Aerohive software platforms
SW Config, & Policy, RF Planning, Reporting, SLA Compliance,
Guest Management, Trouble Shooting, Spectrum Analysis
HiveManager Online
HiveManager Virtual Appliance
Scalable multi-tenant platform, Redundant data
centers with diversity, Backup & Recovery, Zero
touch device provisioning, Flexible expansion, On
demand upgrades, Pay as you grow
VMware ESXi, HA redundancy
15,000s APs with specified configuration
HiveManager Appliance – 2U
Redundant power & fans, HA redundancy,
5000 APs
HiveManager Appliance – 1U
HA redundancy, 500 APs
StudentManager
© 2013 Aerohive Networks CONFIDENTIAL
VMware ESXi
Up to 50,000 students
16
Aerohive Networks
A single architecture for the network edge
Aerohive Networks - Simpli-Fi Enterprise Networking
Identity & Context Aware e.g. Network
firewall on the routerself
knows
identity & role
of
Cloud-enabled,
organizing,
service
the clients on APs
Unified policy and security mgmt, from the cloud
Wi-Fi
aware, identity-based infrastructure
Same
Policy
and
Network
Wired
Routing / FW
VP
N
Service Aware e.g. AP know the Bonjour services
to advertise across the L3 enterprise boundaries
www
Corp
Guest,
BYOD
Aerohive Networks where increased
performance and capacity does not
mean increased complexity!
AppleTV
(AirPlay)
Bonjour
© 2013 Aerohive Networks CONFIDENTIAL
Printer
(AirPrint)
17
THANK YOU!
© 2013 Aerohive Networks CONFIDENTIAL
18