2012 ah vegas wlan design fundamentals

CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved 1

NETWORK DESIGN FUNDAMENTALS

Presented by Andy Logan Feb 2012

2 2 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved

Validated Reference Designs (VRD)

http://www.arubanetworks.com/vrd

3 3 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved

The WLAN Lifecycle

•  Requirements Definition •  Site Surveys

•  Network Design •  RF Design •  Security Design •  QoS Design

•  Staging & Provisioning •  Installation & Validation

•  Administration •  Monitoring •  Troubleshooting

CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved 4 4 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved

Define

5 5 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved

Understand Mobility Requirements

Virtual Desktops

Collaboration

Multimedia Mobile Devices

6 6 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved

Site Surveys

7 7 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved

AP Coverage

8 8 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved

5 GHz Coverage in a 2.4 GHz Plan

9 9 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved

Mounting APs

Ceiling

Wall

10 10 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved

Virtual Survey Tools

Outdoor 3D Planner VisualRF Plan

CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved 11 11 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved

Design

12 12 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved

Aruba Controller vs. Aruba Instant

  Aruba Campus Solution   Aruba Instant  Relative cost   $$$   $  Scalability   Thousands of APs

Hundreds of thousands of users/ devices  

16 APs 256 users/ devices  

Policy management   Centralized policy store   Autonomous WLAN Can centralize policies via AirWave  

User security   Context-aware security by role, device, location  

User based  

Mobility   Voice ready Layer 3   Voice ready single subnet  

Provisioning and software upgrades  

Controller   Virtual Controller, cloud-based image server, or AirWave  

Onsite IT required?   Yes, at installation and periodically during operations  

No  

Operations management  

AirWave   AirWave  

13 13 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved

AP Decision Tree

14 14 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved

SSID Design

Most common SSID design for enterprise organizations includes 2-3 different SSIDs –  Employee users – strong authentication and encryption suite –  Application – devices not capable of strong authentication

and encryption levels –  Guest access – will not run any encryption; requires

authentication

15 15 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved

Role-Based Security Architecture

Corporate Services

Guest

Data

Voice

Signage

PoS

Virtual AP 1 SSID: Corp

Virtual AP 2 SSID: GUEST

DMZ

ClearPass Guest Access

Captive Portal

Role-Based Access Control

Access Rights

Secure Tunnel To DMZ

SSID-Based Access Control PoS

Data

Voice

Signage

Guest

RADIUS LDAP AD

16 16 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved

Continuous RF monitoring of wireless devices, activity and configuration across all 802.11 channels

Discover Complete 802.11 Spectrum Monitoring

Automatic classification of threats and non-threats is critical to RF security

Classify Policy-Based Threat Prioritization

Automated containment to block any rogue or intruder

Automated logging and report distribution ensures compliance with wireless security policies and regulations

Alert and Audit Automated Compliance Reporting

Contain Automated Threat Mitigation

Wireless Threat Protection Framework

17 17 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved

Quality of Service (QoS)

CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved 18 18 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved

Deploy

19 19 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved

Mobility Controller Deployment

CONFIDENTIAL © Copyright 2011. Aruba Networks, Inc. All rights reserved 20

Wired + Wireless Access

Dynamic Policies Authentication Policy Definition Point •  Simplified Access Provisioning •  Eliminate policy definition on

mobility switch & controller •  Users authenticate against

ClearPass Policy Manager

•  Authentication result returns role via RADIUS

•  Associated role’s policy dynamic pushed to switch / controller

•  Single portal for policy definition – wired or wireless

•  Role and policy association definition

•  Supports Heterogeneous Networks

•  Single Policy definition - Wired + Wireless

•  Simplifies provisioning •  Enables Heterogeneity •  Role based Access •  BYOD - wired & wireless

CONFIDENTIAL © Copyright 2011. Aruba Networks, Inc. All rights reserved 21

Mobility Controllers

CONFIDENTIAL © Copyright 2011. Aruba Networks, Inc. All rights reserved 22

Access Points

CONFIDENTIAL © Copyright 2011. Aruba Networks, Inc. All rights reserved 23

Mobility Access Switch

24 24 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved

Instant Deployment

CONFIDENTIAL © Copyright 2011. Aruba Networks, Inc. All rights reserved 25

Instant Access Points

26 26 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved

Remote Access

27 27 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved

Wired or Wireless Backhaul

CONFIDENTIAL © Copyright 2011. Aruba Networks, Inc. All rights reserved 28

Branch Office

CONFIDENTIAL © Copyright 2011. Aruba Networks, Inc. All rights reserved 29

Aruba VIA

CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved 30 30 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved

Operate

31 31 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved

Monitoring

32 32 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved

Troubleshooting

33 33 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved

Client Diagnostics

34 34 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved

Network Diagnostics

35 35 CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved

The WLAN Lifecycle

•  Requirements Definition •  Site Surveys

•  Network Design •  RF Design •  Security Design •  QoS Design

•  Staging & Provisioning •  Installation & Validation

•  Administration •  Monitoring •  Troubleshooting

CONFIDENTIAL © Copyright 2012. Aruba Networks, Inc. All rights reserved 36 36

Coming Up: Tech Playground 12pm – 1:30pm