Aruba Networks News

Subscribe to Aruba Networks News feed
Technology Blog articles
Updated: 19 hours 4 min ago

Aruba ClearPass & Sophos Mobile Control Integration

Thu, 08/17/2017 - 02:35

Many companies are using MDM to control and manage their (mobile) assets. By connecting the MDM solutions to Aruba ClearPass, an organization has the possibility for advanced context-aware access for a (mobile) device to the corporate network, wired and wireless. ClearPass supports multiple MDM solutions via built-in “External Context Servers”, like Airwatch and MobileIron.

 

The MDM solution from Sophos, Sophos Mobile Control, has no built-in integration with ClearPass. I needed to help a customer to link ClearPass with Sophos Mobile Control because the customer would like to distinguish BYOD from corporate devices. All corporate devices are managed via Sophos Mobile Control. In this setup, Sophos Mobile Control uses an MSSQL database to store all relevant information. One of the tables in the MSSQL database stores the Wi-Fi MAC address from the asset. I use this table to distinguish the BOYD devices from the corporate devices. If the MAC address of the device is present in the database, the device is a corporate device.

 

I started by adding the MSSQL database as an authentication source to the ClearPass configuration. The customer created a dedicated SQL user with read-only access to the database. The MSSQL database is added in ClearPass under Configuration – Authentication – Sources. I added a source from the type “Generic SQL DB”.

 

 

The next step involves the creation of a proper SQL filter statement. I would like to have the Wi-Fi MAC address as output from the SQL filter. The following SQL filter is used for this (with special thanks to the customer, who had some more experience with SQL statements)

 

SELECT LOWER(deviceproperty.value) AS mac_address FROM deviceproperty INNER JOIN device ON deviceproperty.deviceid = device.deviceid WHERE deviceproperty.propertykey = 'Wi-Fi MAC address' AND device.managed = 'managed' AND deviceproperty.value = '%{Connection:Client-Mac-Address-NoDelim}';

I would like to use the MAC address as a string in the authentication/authorization process. In the end, I will check if the MAC address in the RADIUS requests matches a MAC address in the Sophos MDM database. The SQL filter is added in the Filter option within the Authentication Source, like in the image below. Just go to the Attributes tab and choose the option Add More Filters.

 

 

The Authentication Source is added to the appropriate Service as Authorization Source. I always add the Source first, before I start to configure some Roles and Role Mappings, because I would like to see which output I receive from the MSSQL database. There are two possible outcomes:

 

  1. The MAC address exists in the MSSQL database
  2. The MAC address doesn’t exist in the MSSQL database

If the MAC address exists in the MSSQL database, you will see the value of the MAC address in the Access Tracker.

 

 

As you can see the MAC address is listed without any delimiter. If the MAC address doesn’t exist in the database, the MAC address won’t be listed in the Access Tracker and you will see the following Alert Message.

 

 

Now that we know, which information we receive in the Access Tracker during an authentication request, we can configure the correct Roles and Role Mappings. In this example, I assign the Role [VDI Trusted] to the device, when the MAC address from the device equals the MAC address in the MSSQL database.

 

 

The last step is easy. Just configure the appropriate Enforcement Policy and Profile you match the Role and set the correct attributes on the Wi-Fi or wired network.

The Greatest Risk to Your Enterprise Is Already Logged into the Network

Wed, 08/16/2017 - 14:46

Every CSO needs to vigilantly guard against the growth and sophistication of external cyber-threats, but the biggest cyber-risk may be what is lurking within their own network. Negligent employees, malicious insiders, and compromised users and hosts often have the benefit of legitimate credentials to exploit weaknesses in traditional security infrastructure.

 

 

Traditional perimeter defenses give free rein to those credentials. But to determine if those “users” are part of an attack, enterprises really need to focus security on the behavior of who or what is using authorized credentials.

 

In a recent discussion on Verizon’s 2017 Data Breach Investigation Report, the company’s senior security specialist and RISK Team leader, John Grim, told Computer Business Review that “[in] 81% of the data breaches that we looked at this year in terms of data sets, the threat actors are leveraging those default passwords, those weak passwords, or those passwords that have been stolen.”

 

One in five employees in a recent survey indicates they keep passwords in plain sight. Another survey finds that 23% of workers would share sensitive, confidential, or regulated company information if they believed the risk was low and the potential benefit high.

 

Guest Access

 

Other risks come from authorized guests. Guest networks may not be necessarily well-protected, allowing those guests to move into places they shouldn’t be allowed to go and to access data that should be restricted.

Trusted partners represent yet another threat vector. As CSO pointed out recently, “The use of third-party providers is widespread, as are breaches associated with them.”

 

The breach of Target’s point-of-sale systems in 2013 was traced to a heating and air conditioning vendor whose legitimate credentials had been stolen, according to KrebsOnSecurity.

 

A bad actor with legitimate credentials, whether an insider or outsider, can probe for weaknesses once on the network. In that type of situation, the only way to defend the enterprise is by finding the changes in the actor’s behavior that would indicate an attack is under way.

 

Detecting Anomalies

 

With the benefit of machine learning, user and entity behavior analytics (UEBA) can detect anomalous actions that may indicate unauthorized activity and attacks. Aruba IntroSpect utilizes supervised and unsupervised machine learning models to ensure that the system is self-learning, continually adapting, and accurately identifying anomalies and confirming malicious activity before attacks inflict damage.

 

Bad behaviors on the network can be detected if you know what to look for and have the capabilities to do so. For example, when users access systems, how long do they stay on an application? What amount of data do they access? From where and with what devices are they doing so?

All those activities can be used to build baselines, or profiles, of what is normal behavior; anomalies can then be detected individually and correlated over time, alerting security professionals to take appropriate action when certain threshold conditions are met. With UEBA, baselines can be built around the activities of peer groups, so that if for example, a member of the finance group is behaving differently from his or her peers, it can be quickly detected.

 

Knowing what is going on in your network is as important as knowing who is on it.

 

Learn More

 

Get the CISO’s Guide to Machine Learning & User and Entity Behavioral Analytics.

Networking Field Day Live at Aruba

Wed, 08/09/2017 - 13:37

Understanding ArubaOS

Mon, 08/07/2017 - 09:00

Understanding ArubaOS by @westcott will help you understand the different pieces of Aruba’s controller–based wireless environment, the functions of the different pieces, and how they all fit together. The book does not just focus on the commands and configuration screens, but attempts to provide functional knowledge about the entire Aruba Networks wireless system.

 

The book takes a matter-of-fact, straightforward approach to understanding the Aruba architecture and its components. David uses stories and analogies to make it easier to understand complex topics. The book is not intended to be an A through Z, step-by-step user’s guide to configuring ArubaOS; however, it does provide graphics and CLI commands and output throughout the book, describing and showing the steps to perform most of the tasks in the book.

 

David provides many logic diagrams and flowcharts, along with pages of explanations, describing what occurs at each step. If you go to his website, www.westcott-consulting.com, many of these diagrams can be freely downloaded and printed for personal reference. Some of the diagrams include:

  • Master/local architecture
  • AP forwarding modes
  • Role/VLAN derivation flowchart
  • Virtual AP (VAP) profile components
  • 1X VAP
  • Captive portal VAP
  • PSK VAP
  • Captive portal logical flow
  • Remote AP (RAP) configuration

If you are already working with or managing an Aruba controller environment, this book will help you understand concepts that you may not be familiar with, and help you better understand the more advanced features of the ArubaOS by reinforcing the foundation that those advanced subjects are built on.

 

If you are new to Aruba Networks Wireless controller platform, this book will provide a good foundation that will make it easier for you to further learn and understand the product through formal Aruba training classes, hands-on experience, conversations with your peers, and through the many other available Aruba resources. Understanding ArubaOS is truly a resource for an Aruba network administrator at any level.

 

Many of you may already be familiar with David Westcott. David is an established author in the wireless industry, having co-authored seven other books about wireless networking, security and analysis; including the bestselling CWNA: Certified Wireless Network Administrator Official Study Guides. David is also well-known in the Aruba community. As Aruba’s senior trainer, David has taught thousands of customers, partners, and employees over the past 13-plus years.

 

 

Understaing ArubaOS

Table of Contents:

 

  1. Wireless Overview
  2. Understanding the ArubaOS Environment
  3. Aruba Controller and Software Overview
  4. Getting Started
  5. Profiles
  6. Authentication and Encryption
  7. Role Derivation
  8. Policy Enforcement Firewall
  9. Captive Portal
  10. Network Expansion
  11. Access Points
  12. Adaptive Radio Management
  13. Network Monitoring
  14. Wireless Mesh
  15. Wireless Intrusion Prevention

BLE Asset Tracking Helps Hospitals Find Medical Devices Stat

Tue, 08/01/2017 - 09:00

When is the last time you lost your keys? I don’t like big key rings, so I have all my keys on individual rings – two sets of car keys and a set of house keys. While this makes for smaller things to carry around, it gives me three times as much opportunity to lose said keys. We’ve all been there, and we also know that companies like Tile, Trackr, and a host of others have been created to help us avoid this nuisance. I even lent my car to a friend for a week, and when the keys came back, they had a Tile on the ring – that’s how much she relies on it. You never know that your keys are lost until you are trying to get out the door, and at that moment, finding them is critical.

 

 

Finding Life-Critical Things

 

Now consider the frustration you might feel when you lose your keys, but imagine the increased pressure when you’re looking for something that is critical to doing your job—saving someone’s life. That is what nurses live with every day. They need to find things to help care for their patients every day, all day. When they need to take your blood pressure, they need a cuff. When they need to setup an IV, they need an infusion pump. When they need to move a patient, they need a wheelchair.

 

Each of these items comes with different urgency. If you can’t find the asset quickly, then the whole process of patient care slows down. If a nurse can’t find a wheelchair to move a patient to radiology in a timely fashion, then the radiology department backs up, the radiologist doesn’t get a scan to read, the doctor doesn’t get the results quickly, and the patient’s diagnosis and most importantly, the patient's treatment slows down.

 

Knowing where things are – asset tracking – is important to any business, but especially important in healthcare. In any given hospital, there are more than 15 types of things that are mobile and required to provide care. Some are technologically sophisticated, like mobile X-ray machines. Some are not, like wheelchairs or crutches. What is in common is they are all critical to providing care, and the people who need them don’t have extra time to spend looking.

 

This is why hoarding of medical devices is such a big problem. Caregivers come on shift, they know they’ll need three or four devices of a certain type, so they grab them from the supply room and hide them where only they can find them. This means that those devices are not available for others, and hospitals end up over-provisioning expensive biomedical devices that cost thousands of dollars.

 

Track It and Find It Fast

 

When a hospital implements Aruba BLE-based asset tracking, those devices can easily be located on a map using iOS or Android smart devices, which dramatically cuts down the time required to find something. Clinicians and staff come to trust that devices are where they are supposed to be and stop hoarding. Hospitals save money by making sure there are enough devices available at all times to care for their patients, but not so many that they devices are being under utilized.

 

When a hospital has an Aruba WLAN, the cost of deploying asset tags is fairly low, which results in a quick return on investment. The network and the networking team provide extra value, there’s no steep learning curve, and everyone is more efficient.

 

The next time you are using an app to look for your keys, just remember that somewhere in the world a nurse is probably looking for a device to save the life of a patient. Hopefully, the nurse is using a mobile app and asset tracking to find it.

 

Learn More

Watch the Aruba asset tracking video.

 

Get an overview of the Aruba asset tracking solution.

 

What has been your experience with employees hoarding valuable assets so they don’t have to waste time finding them the moment they need them? Tell us in the comments below.

 

Follow the Footsteps with Wi-Fi Analytics

Mon, 07/31/2017 - 10:58

Beyond navigating the expansive 5,200-acre facility in College Station, many of the 61,000 students who attend Texas A&M University live off-campus and have some sort of commute to an on-campus location.

 

Travel modes include walking, biking, or the use of the expansive Texas A&M University transit system, run by Transportation Services, whose buses are often referred to as ‘Aggie Spirit’ buses. In addition, our 10,000 employees, and thousands of visitors annually, also need effective ways to reach their destinations.

 

The Aggie Spirit transit service includes 18 routes that average 145,000 riders per week – for a total ridership of 7.5 million annually – using a fleet of 98 transit and paratransit buses. The service consumes some 5,000 gallons of diesel fuel every day and logs about 1.8 million service miles annually.

 

On any given day, over 70 Aggie Spirit buses are on a route with a cost estimate of approximately $65 per hour to operate each bus. Also, Transportation Services trains and employs about 250 drivers per year, providing 140,000 service hours (FY16).

 

Where Aggies Go from Here

 

Optimizing such an expansive system is a continual priority and a number of the projects in the Texas A&M Campus Transportation Technology Initiative (CTTI) have focused on optimization and efficiency. Overall, the CTTI seeks to introduce private sector transportation innovation to the campus, with the goal of improving the safety, mobility, and quality of life of the campus community as a whole.

 

As a part of CTTI, Transportation Services partnered with the Texas A&M Transportation Institute (TTI) and developed a pilot project to study the flow of traffic from alighting passengers at critical campus stops to points within campus. This study is being done anonymously using WiFi signals from cellphones and other devices with WiFi connectivity, meaning there is no personally identifiable information tracked or kept as a result.

 

The Pilot

 

For the pilot, our study group selected the Memorial Student Center (MSC), a student hub and a historic building located in the heart of the campus. This hub acts as a central operations point for multiple Aggie Spirit bus routes that service students, faculty and staff campus.

 

Then, we partnered with Aruba, a Hewlett Packard Enterprise company, to leverage IoT and Big Data principles to conduct a next-generation foot fall analysis pilot study of bus stop rider dispersion.

 

We’re using a combination of Aruba 270 Series outdoor 802.11ac APs and Aruba Analytics and Location Engine (ALE) for the study. Aruba also suggested we utilize their trusted technology partner, SkyFii, to provide the visualization of rider behavior we desired.

 

With Aruba’s assistance, we’ve created a dense outdoor Wi-Fi research network to enable location triangulation using AP-275’s, for their integrated omni-directional antennas, and AP-277’s, for their integrated directional antennas.

 

ALE collects real-time presence data from mobile devices while protecting personal privacy. This data is seamlessly integrated with SkyFii to create visuals, like heat maps, and perform a variety of Big Data analytics.

 

Because all information is captured anonymously, we’re essentially turning the mobile devices our riders already carry into smart IoT sensors. Then, using the Aruba ALE and SkyFii software tools, we gain actionable insights on rider dispersal patterns throughout the immediate vicinity.

 

Who is Riding the Bus

 

At this stage in the study we are already learning far more than that we would using traditional data collection methodologies, such as surveys or simply counting the number of riders entering and exiting at each stop and each campus location within a time block.

 

With our Aruba solution, we’re extending our visibility into the immediately surrounding area to gain new types of information, such as the percentages of visitors that travel to a particular venue and the dwell times associated with that venue. We’re also significantly improving the granularity of existing metrics, like the busiest hours and days of the week.

 

Other examples of data we’re collecting include visit counts, passersby (those who do not get on a bus), visit frequency, returning visitors, zone visitation rates and venue visitation rates.

 

Under faculty leadership, data analysis is being conducted by the Department of Industrial and Systems Engineering, in Texas A&M University College of Engineering, through a student team in the Capstone senior design course (ISEN 460). The Department was established in 1939 and has consistently ranked in the top 10 departments in the U.S. over the past decade by the Gourman Report, the National Research Council and U.S. News and World Report.

 

Getting to Our Goals

 

The primary goal of our foot fall pilot project is examining whether we’ve optimized the transit stops in the study area.

 

For example, should a high percentage of riders move from the current stop location to other venues where there is space for transit stops, perhaps the stopping locations of one or more routes should be adjusted.

 

Long-term goals of the pilot include assessing whether similar and more comprehensive studies should be performed across different Aggie Spirit transit locations, or across the campus. This data could provide a more robust understanding of foot traffic, particularly with the growth in student population the University is experiencing.

 

New Texas A&M University Transit Model

 

More broadly, transportation received considerable attention over the past two years as our entire institution undertook an extensive campus-wide planning initiative, which resulted in the finalizing of the 2017 Texas A&M University Campus Master Plan. The Master Plan envisions a pedestrian-focused campus that relocates vehicles away from the center to create more opportunities for the exchange of ideas, chance meetings and places to collaborate and socialize.

 

Additionally, the Master Plan specifically calls for the primary modes of transportation on campus to become walking, bicycling and transit. In addition to establishing dedicated pedestrian and bicycle pathways across both the East-West and North-South campus corridors, our transit system must evolve to support the new Texas A&M University mobility model.

 

“We are excited to be partnering with TTI and Aruba on such an important study of our transit system,” says Associate Vice President, Peter Lange, Transportation Services. “The data collected throughout this study will be used as a resource as we develop our next steps as outlined in the Master Plan,”

 

Naturally, this means data collection and advanced analytics are critical to successfully achieving the transit objectives in our Master Plan. This could result in the expansion of what we learn from our current pilot foot fall traffic study to implement a campus-wide transit data analytics research effort to create pedestrian, bicycle and transit flow diagrams.

 

Regardless, this pilot study is only the beginning. We envision the continued application of innovative analysis and assessment of advanced technologies, such as wireless networking, IoT and Big Data technologies, to comprehensive transit planning and management to support academic schedules, optimize ridership and enhance campus commuting for our students, faculty, staff and visitors.

 

Robert E. Brydia is a senior research scientist at the Texas A&M Transportation Institute (TTI) and a recognized expert with more than 30 years of transportation research experience.

 

About Texas A&M Transportation Institute

Texas A&M Transportation Institute develops solutions to the problems and challenges facing all modes of transportation. The Institute conducts over 700 research projects annually with over 200 sponsors at all levels of government and the private sector. In the laboratory and the classroom, TTI researchers help prepare students for transportation careers. Recognized as one of the premier higher education-affiliated transportation research agencies in the nation, TTI’s research and development program has resulted in significant breakthroughs across all facets of the transportation system.  For more information and links to TTI’s social media channels, visit:  http://tti.tamu.edu.

Follow the Foot Steps with Wi-Fi Analytics

Mon, 07/24/2017 - 13:25

Beyond navigating the expansive 5,200-acre facility in College Station, many of the 61,000 students who attend Texas A&M University live off-campus and have some sort of commute to an on-campus location.

 

Travel modes include walking, biking, or the use of the expansive Texas A&M University transit system, run by Transportation Services, whose buses are often referred to as ‘Aggie Spirit’ buses. In addition, our 10,000 employees, and thousands of visitors annually, also need effective ways to reach their destinations.

 

The Aggie Spirit transit service includes 18 routes that average 145,000 riders per week – for a total ridership of 7.5 million annually – using a fleet of 98 transit and paratransit buses. The service consumes some 5,000 gallons of diesel fuel every day and logs about 1.8 million service miles annually.

 

On any given day, over 70 Aggie Spirit buses are on a route with a cost estimate of approximately $65 per hour to operate each bus. Also, Transportation Services trains and employs about 250 drivers per year, providing 140,000 service hours (FY16).

 

Where Aggies Go from Here

 

Optimizing such an expansive system is a continual priority and a number of the projects in the Texas A&M Campus Transportation Technology Initiative (CTTI) have focused on optimization and efficiency. Overall, the CTTI seeks to introduce private sector transportation innovation to the campus, with the goal of improving the safety, mobility, and quality of life of the campus community as a whole.

 

As a part of CTTI, Transportation Services partnered with the Texas A&M Transportation Institute (TTI) and developed a pilot project to study the flow of traffic from alighting passengers at critical campus stops to points within campus. This study is being done anonymously using WiFi signals from cellphones and other devices with WiFi connectivity, meaning there is no personally identifiable information tracked or kept as a result.

 

The Pilot

 

For the pilot, our study group selected the Memorial Student Center (MSC), a student hub and a historic building located in the heart of the campus. This hub acts as a central operations point for multiple Aggie Spirit bus routes that service students, faculty and staff campus.

 

Then, we partnered with Aruba, a Hewlett Packard Enterprise company, to leverage IoT and Big Data principles to conduct a next-generation foot fall analysis pilot study of bus stop rider dispersion.

 

We’re using a combination of Aruba 270 Series outdoor 802.11ac APs and Aruba Analytics and Location Engine (ALE) for the study. Aruba also suggested we utilize their trusted technology partner, SkyFii, to provide the visualization of rider behavior we desired.

 

With Aruba’s assistance, we’ve created a dense outdoor Wi-Fi research network to enable location triangulation using AP-275’s, for their integrated omni-directional antennas, and AP-277’s, for their integrated directional antennas.

 

ALE collects real-time presence data from mobile devices while protecting personal privacy. This data is seamlessly integrated with SkyFii to create visuals, like heat maps, and perform a variety of Big Data analytics.

 

Because all information is captured anonymously, we’re essentially turning the mobile devices our riders already carry into smart IoT sensors. Then, using the Aruba ALE and SkyFii software tools, we gain actionable insights on rider dispersal patterns throughout the immediate vicinity.

 

Who is Riding the Bus

 

At this stage in the study we are already learning far more than that we would using traditional data collection methodologies, such as surveys or simply counting the number of riders entering and exiting at each stop and each campus location within a time block.

 

With our Aruba solution, we’re extending our visibility into the immediately surrounding area to gain new types of information, such as the percentages of visitors that travel to a particular venue and the dwell times associated with that venue. We’re also significantly improving the granularity of existing metrics, like the busiest hours and days of the week.

 

Other examples of data we’re collecting include visit counts, passersby (those who do not get on a bus), visit frequency, returning visitors, zone visitation rates and venue visitation rates.

 

Under faculty leadership, data analysis is being conducted by the Department of Industrial and Systems Engineering, in Texas A&M University College of Engineering, through a student team in the Capstone senior design course (ISEN 460). The Department was established in 1939 and has consistently ranked in the top 10 departments in the U.S. over the past decade by the Gourman Report, the National Research Council and U.S. News and World Report.

 

Getting to Our Goals

 

The primary goal of our foot fall pilot project is examining whether we’ve optimized the transit stops in the study area.

 

For example, should a high percentage of riders move from the current stop location to other venues where there is space for transit stops, perhaps the stopping locations of one or more routes should be adjusted.

 

Long-term goals of the pilot include assessing whether similar and more comprehensive studies should be performed across different Aggie Spirit transit locations, or across the campus. This data could provide a more robust understanding of foot traffic, particularly with the growth in student population the University is experiencing.

 

New Texas A&M University Transit Model

 

More broadly, transportation received considerable attention over the past two years as our entire institution undertook an extensive campus-wide planning initiative, which resulted in the finalizing of the 2017 Texas A&M University Campus Master Plan. The Master Plan envisions a pedestrian-focused campus that relocates vehicles away from the center to create more opportunities for the exchange of ideas, chance meetings and places to collaborate and socialize.

 

Additionally, the Master Plan specifically calls for the primary modes of transportation on campus to become walking, bicycling and transit. In addition to establishing dedicated pedestrian and bicycle pathways across both the East-West and North-South campus corridors, our transit system must evolve to support the new Texas A&M University mobility model.

 

“We are excited to be partnering with TTI and Aruba on such an important study of our transit system,” says Associate Vice President, Peter Lange, Transportation Services. “The data collected throughout this study will be used as a resource as we develop our next steps as outlined in the Master Plan,”

 

Naturally, this means data collection and advanced analytics are critical to successfully achieving the transit objectives in our Master Plan. This could result in the expansion of what we learn from our current pilot foot fall traffic study to implement a campus-wide transit data analytics research effort to create pedestrian, bicycle and transit flow diagrams.

 

Regardless, this pilot study is only the beginning. We envision the continued application of innovative analysis and assessment of advanced technologies, such as wireless networking, IoT and Big Data technologies, to comprehensive transit planning and management to support academic schedules, optimize ridership and enhance campus commuting for our students, faculty, staff and visitors.

 

Robert E. Brydia is a senior research scientist at the Texas A&M Transportation Institute (TTI) and a recognized expert with more than 30 years of transportation research experience.

 

About Texas A&M Transportation Institute

Texas A&M Transportation Institute develops solutions to the problems and challenges facing all modes of transportation. The Institute conducts over 700 research projects annually with over 200 sponsors at all levels of government and the private sector. In the laboratory and the classroom, TTI researchers help prepare students for transportation careers. Recognized as one of the premier higher education-affiliated transportation research agencies in the nation, TTI’s research and development program has resulted in significant breakthroughs across all facets of the transportation system.  For more information and links to TTI’s social media channels, visit:  http://tti.tamu.edu.

Smart manufacturing enabled by Aruba

Mon, 07/24/2017 - 09:00

I’m sure that all of you reading our blogs have experienced the joy of the digital workplace as it has migrated outside the office building. Online content for your kids in their classrooms, ordering food from your own seat at a football stadium and getting email done via solid Wi-Fi at your favorite coffee shop all demonstrate what the mobile first experience brings to the table.

 

Now let’s go beyond those examples to a 200,000-sq. ft. manufacturing facility spread across seven buildings and 34 acres and see what a high-performance Aruba network solution can do to power industrial IoT for smart manufacturing.

Imperial Industries serves a global client base over a sprawling complex in Wausau, Wisconsin. Robust Wi-Fi was required across the campus, “Our industry is moving to wireless connectivity for production equipment at a rapid pace,” explains Ann Babl, contract CIO for Imperial Industries. “We were adopting a new plasma burn table and it required high-performance Wi-Fi.”

 

The technology used on shop floors has moved at a rapid pace with many equipment suppliers having migrated from wired to wireless solutions. Imperial’s requirements were for a high-performance and resilient W-Fi solution that was future-proof and had simplified centralized management. Working with its trusted partner, RMM Solutions, Imperial evaluated the top wireless vendors and selected Aruba, a Hewlett Packard Enterprise company.

 

“Smart manufacturing is providing many new opportunities,” Babl says. “We wanted a robust, scalable solution that could evolve to meet changing needs while also minimizing burdens on our ultra-lean IT staff.” 

Integrated Wired and Wireless Networks

Imperial deployed high-performance wireless infrastructure that includes Aruba

802.11ac Wave 2 access points (APs), Aruba 7200 Series Mobility Controllers, Aruba 3810 Switches and Aruba 2920 Switches. Using Aruba’s robust Layer 3 switches enabled Imperial to standardize on a single vendor for both wired and wireless networking. The HPE Smart Rate-enabled switches provide the future-proofing capacity Imperial needed for multi-gigabit speeds. Imperial also chose Aruba AirWave to unify management of the wired and wireless network.

 

“We were impressed with Aruba’s current solution quality and strategic direction,” Babl says. “When we looked at the roadmap, Aruba was more advanced on multiple fronts including cybersecurity. This enabled investing in infrastructure that was ahead of the competition, rather than neck-and-neck.”

 

Learn More

Read more about how Aruba helped Imperial Industries solve its network technology challenges and prepare for the future in this case study.

Cloud-managed networking is the future for IT

Mon, 07/24/2017 - 09:00

With the shift to distributed workforces for cost savings, the utilization of more bandwidth-hungry apps, and users who judge a company by their network experience, IT is dealing with a host of new challenges. Deploying smart wired and wireless infrastructure and the management that supports the always-on users, apps, and people who sometimes take network access for granted is a must.

In fact, if you’re dealing with these issues, ignoring cloud-managed infrastructure is like turning a blind eye to new technology like the Nest Thermostat. Nest has taken a mundane task like turning on the heater and changed the game. The concept is so very simple, but the ability to heat or cool the house from a remote location before walking through the front door is fantastic.

 

Often times the challenge with moving to something new like a connected home or cloud-managed networking lies in the perception. Yes, the solution needs to provide value, but ease of use, security and resiliency are definitely concerns.

 

Let’s take a look at how the cloud can help tackle today’s growing demand for always-on networking.

Simplified Setup and Support
Today, once you’ve chosen the wireless and wired hardware that will sit on premise, you have the option to manage your network from a cloud-based solution that is available as-a-service. This lets your organization move from a CapEx model where everything is paid for up-front, appliances or virtual machines are deployed, and IT performs all updates.

The new way is to move an OpEx model where the cost is spread out over time. This frees up money and resources for other business needs. Support costs are bundled into the subscription­­, and you essentially leverage technology that’s always new. Another bonus is that someone else is responsible for performing those late-night upgrades.

 

Ease of Use
Installing network infrastructure and maintaining it has to become easier for IT. As we move to more distributed environments, it’s no longer feasible to send someone from the team out for a week to get a site running. Ease of use starts with zero-touch provisioning, where devices like access points, switches and branch gateways do not need to be configured prior to arriving on-site.

Once connected to the network, the equipment can easily pull its running configuration from the cloud. The IT team gains the benefit of management from anywhere, greater visibility and improved staff efficiency. A solution with an intuitive UI and workflows equates to easier diagnosis of issues and the delivery of insights that helps solve problems before they impact users.

 

Complete Security
With any cloud solution, access to the management platform is always a concern. Of course, the inherent value of the cloud is that more than one person can login from anywhere. Ensuring that the solution can support differentiated IT admin privileges, HTTPS logins and multi-factor authentication ensures that only people who are allowed access can login.

Another aspect centers around managing security features within the infrastructure itself. IT needs the visibility and enforcement features to easily block users from visiting URLs and IP addresses with bad reputations, leverage role-based access capabilities built into the infrastructure, and see app usage per user or group with the ability to enforce new behavior.

Resiliency of Connections
When multiple people from IT can login from anywhere, it ensures that someone is always available to assist when needed, regardless of location and time of day. The cloud also provides the option to use a wired, Wi-Fi or cellular connection to login. Again, it’s something simple that saves a wealth of time.

In the event that the WAN connection used for cloud management is lost, IT should have the option to login directly to Wi-Fi and wired equipment to perform management functions in a traditional way. There’s nothing worse than users experiencing an outage and the IT team can’t keep things running.

In Closing
The great thing about cloud-managed networks is that IT and the organization have a new model for building out the network and delivering new services. Infrastructure deployment is faster, and IT gains better visibility and control.

The future is to deliver more than traditional infrastructure management as Aruba—and many more organizations—move to this new model. One where we leverage cloud computing to provide access, analytics and controls that improve IT operations and delivers a new level of business value.

Visit the Aruba Central site to see where we are today. And stay tuned for where we’re headed.

Where are you with cloud-managed networks? Tell us in the comments below if you manage a network and are considering the cloud today.