• E-mail
• Print
• Comment
• Font Size
• Digg
• del.icio.us
• Discuss article

Aruba Networks Redefines Approach to Large-Scale, Secure Mobile Networking With ArubaOS 3.1 and Mobility Management System 2.0

Posted on: Tuesday, 20 February 2007, 09:00 CST

SUNNYVALE, Calif., Feb. 20 /PRNewswire/ -- Aruba Networks today announced the release of ArubaOS 3.1, a new version of the operating system and application engine for all Aruba mobility controllers, and Mobility Management System (MMS) 2.0, the next-generation suite of applications for planning and managing mobility networks. New features and capabilities of ArubaOS and MMS are designed to provide enterprises with a global mobility domain that is scalable, multi-service, integrated with existing security infrastructure, and intelligently managed. Core to delivering these are new features including:

* Virtual Mobile Networks -- Combines the benefits of centralized control with localized management capabilities * Management Contexts -- Enables delegation of management rights for various physical equipment and service to appropriate administrators * Bandwidth Control -- Resolves the issue of slow clients and allows per-SSID service level agreements * Voice Management and Control -- Expands scalability and performance and provides detailed monitoring and management for Voice over Wi-Fi (VoFi) services * Security Services Integration -- Allows easy integration of existing security devices and infrastructure with the Aruba mobility network

The Aruba Mobile Edge Architecture is designed to deliver secure mobility beyond basic wireless LAN (WLAN) connectivity, providing consistent network services to a user at headquarters and wherever the user roams, including branch locations, partner sites and home offices. Anywhere the enterprise user has access to the Internet, Aruba can deliver seamless mobility on the corporate network, complete with user-specific policies, multi-service application delivery, and more. Unlike traditional networks, mobility requires that security and network service policies are tied to a user's identity. ArubaOS 3.1 and MMS 2.0 enable this user-centric approach to be deployed and managed on a larger scale with greater ease and broader support for integration of new services than prior versions.

Many of the features in ArubaOS 3.1 and MMS 2.0 were developed to address the needs of large enterprises such as Ohio State University. Ohio State University is well along in its deployment of one of the world's largest wireless LANs -- comprising up to 10,000 access points -- using an Aruba Networks solution. "Our vision is to create a single secure mobile network across our 1,700 acre campus and still serve the diverse needs of approximately 80,000 users including students, faculty, staff and guests. In building a network of this scale, we have discovered that prevailing WLAN models for delivering multiple services using multiple logical networks or SSIDs just does not scale," said Bob Corbin, director of telecommunications and networking, Ohio State University Office of Information Technology. "You cannot have one network for data, another for voice, a third for departmental access, and so on, and expect end users to have a seamless mobility experience. We needed a single mobile network that worked everywhere on campus and also gave us the ability to customize service delivery by users, devices, applications and physical locations. Aruba's secure mobile networking solution was the only one to meet our needs."

"We've progressed from Wi-Fi pilots to moderate-sized deployments and now we're beginning to see the next WLAN connectivity wave -- very large scale deployments so enterprises can extend the mobility of their employees," said Stan Schatt, vice president for broadband and wireless networks at ABI Research. "As these networks grow, it is increasingly important that WLAN equipment manufacturers make it easier for enterprises to deliver a broad range of mobility services in a user-centric way, allowing them to see the forest but not lose sight of the individual trees."

New features of ArubaOS 3.1 and MMS 2.0 in the areas of ensuring scalability, extending mobile applications, and integrating with other security solutions include:

Ensuring Mobility Works as the Network Grows

Virtual Mobile Networks -- As secure mobile networks scale, it is often undesirable to apply services, such as authentication and encryption, RF and bandwidth management, and quality of service on a global basis. Customization per user, location or application is becoming increasingly important. Historically, the only way to address this need were with a separate logical network (i.e., SSID) -- which doesn't scale -- or with a separate physical network -- which increases costs.

Virtual Mobile Networks (VMNs) provide flexibility and cost-effective scalability by enabling multiple "virtual" networks with varying services on a single SSID. VMNs allow administrators to group Aruba APs and controllers logically (e.g., all conference room APs or all outdoor APs) instead of based on their physical location (e.g., APs on the south side of the second floor). Administrators can then create "service profiles" and apply them to specific groups of access points (APs) and mobility controllers instead of globally. For example, a medical school campus can use a single SSID with global role-based security policies, while authentication server selection is localized and location services are enabled only within the on-campus hospital.

Management Contexts -- In conjunction with the concept of virtual mobile networks, ArubaOS 3.1 and MMS 2.0 support management contexts. Of particular value for large networks with multiple administrators or service providers, management contexts allow administrative functions to be partitioned based on different network management roles. These "contexts" can include network owners who can set global parameters, service owners who can change services provided by a defined groups of controllers and APs, and equipment owners who can manage the physical assets such as loading new software, adding or removing APs, and changing physical configuration of equipment

Mobility Management System 2.0 -- Aruba introduced MMS 1.0 to provide planning, monitoring and management of larger networks, especially in those cases when customers desired to retain more historical data. In combination with ArubaOS 3.1, MMS 2.0 adds a large number of new functions, most significantly, full network configuration and policy management capabilities to leverage virtual mobile networks and management contexts. MMS 2.0 also adds a dashboard view, AAA integration and greater availability, improved charting and reporting. For customers who opt to just use the web user interface included with ArubaOS, they will find major functions are grouped more logically and are provided with default values. The more intuitive UI, along with streamlined configuration and online context-sensitive help, should enable Aruba customers to use the system more quickly and with less training.

Bandwidth Control -- ArubaOS 3.1 adds as a new capability bandwidth management controls enforced at the access point, enabling per-SSID service level agreements and resolving channel time hogging by slow clients. Previously, frames from the mobility controller were prioritized, policed based on throughput, and processed "first-in, first-out" by the AP. With the new bandwidth management controls, traffic is classified and rate controlled by the mobility controller and placed into buckets at the AP based on channel time, not throughput. For example, in an environment with data, voice and video applications, each can be allocated and guaranteed a specified percentage of air time. This prevents a particular application from starving others. Excess bandwidth is available to any application. The same capability can be used to provide service level agreements in a multi-service provider environment, such as a hot spot serviced by multiple ISPs

Hardware-accelerated AAA FastConnect(TM) for EAP-TLS -- Aruba is expanding on its high-performance hardware-accelerated 802.1X processing for PEAP -- introduced in mid-2006 - extending the same capability to EAP-TLS. This capability is devised to permit greater scalability of authentication servers by removing encryption/decryption requirements from these systems and allowing enterprises to leverage their investment in PKI.

Extending Support for Mobile Applications

Voice Services Module (VSM) -- This new optional software module adds many new capabilities to Aruba's existing features-rich VoFi solution. Many of these voice control and management innovations are enabled by Aruba's application-aware architecture. New functions in the VSM include dynamic WMM queue management and customization, phone number awareness for network monitoring, display of SIP call detail records, automatic QoS monitoring with dynamic display of call quality using R-values, computation of end-to-end network delay to aid in voice troubleshooting, WMM queue content enforcement, and automatic tracking of SIP authentication to ease interoperability and increase security in voice networks.

Location Tracking Integration with AeroScout -- Within ArubaOS 3.1, Aruba provides interoperability with products from real-time location services leader, AeroScout. Specifically, the Aruba infrastructure now recognizes and communicates with AeroScout's Wi-Fi-based Active RFID tags, and can accurately transmit the location of these tags to an AeroScout enterprise software. With Aruba and AeroScout, an organization can securely run existing mobile applications and add location-based applications on the same wireless network. Having the same network support mobile data, voice and location services is far more efficient and cost-effective than independent dedicated systems.

Delivering better integration with existing security infrastructure and services

Syslog Processor -- With the new syslog processor, Aruba mobility controllers can receive syslog messages, a commonly supported standard format, from third-party devices such as security appliances. Based on these messages, Aruba mobility controllers can also take specified actions, such as quarantining or completely blocking clients, that violate rules or exhibit unexpected behavior. Aruba's syslog processing capability is designed to allow enterprises to easily integrate a broader range of best-of-breed appliances that often already exist in today's networks. The syslog processor is added to Aruba's External Services Interface (ESI), which also provides an XML application programming interface (API).

Enhanced GuestConnect(TM) and Multiple Captive Portals -- Aruba's enhanced GuestConnect capabilities allow users such as a front-desk receptionist to quickly and securely provision guest access accounts for visitors. A receptionist can now automatically generate a guest username / password and print a guest access ticket to a local printer using customized graphics and acceptable use-policy text. Administrators are also given more control over the expiration time of guest accounts to ensure that they are in line with established security policies.

Security Integration with ArcSight -- ArubaOS 3.1 standardizes and simplifies log messages for use with other vendors' management platforms. Aruba is working with ArcSight, a leader in security and network information management, to develop an Aruba SmartAgent for ArcSight's event management platform. After implementation, the ArcSight platform will be able to correlate security event messages generated by Aruba equipment with messages from other security devices in the network, enabling enterprises to respond to the right security issues at the right time.

USnortU IDS Integration -- Aruba can now send wireless intrusion detection alerts to Snort, an open source intrusion prevention system and the most widely deployed intrusion prevention technology worldwide. For organizations that use Snort, this enables a centralized reporting point for all intrusion detection, wired and wireless. In addition, Snort is able to send commands back to the Aruba mobility controller to take actions, such as changing a user's role or blacklisting a user.

Pricing and Availability

ArubaOS 3.1 is expected to be available on February 23, 2007 and is included at no additional charge as an upgrade for existing customers with support. MMS 2.0 is available now and is included at no additional charge as an upgrade for existing MMS customers with support. MMS 2.0 is available for purchase starting at $3,995 North American list price.

About Aruba Networks, Inc.

Aruba Networks provides an enterprise mobility solution that enables secure access to data, voice and video applications across wireless and wireline enterprise networks. The Aruba Mobile Edge Architecture allows end- users to roam to different locations within an enterprise campus or office building, as well as to remote locations such as branch and home offices, while maintaining secure and consistent access to all of their network resources. Using the Aruba Mobile Edge Architecture, IT departments can manage user-based network access and enforce application delivery policies from a single integrated point of control in a consistent manner. Aruba's user- centric enterprise mobility solution integrates the ArubaOS operating system, optional value-added software modules, a centralized mobility management system, high-performance programmable mobility controllers, and wired and wireless access points. Based in Sunnyvale, California, Aruba has operations in the United States, Europe, the Middle East and Asia Pacific, and employs staff around the world. To learn more, visit Aruba at Hhttp://www.arubanetworks.com .

NOTE: Aruba Networks is a registered trademark, and Aruba The Mobile Edge Company and Mobile Edge Architecture are trademarks of Aruba Networks, Inc. All other trademarks or registered trademarks are the property of their respective holders. Specifications are subject to change without notice.

Aruba Networks, Inc.

CONTACT: Don Reckles of Aruba Networks, Inc., +1-408-329-5108, ordreckles@arubanetworks.com; or Jay Nichols of Sterling Communications, Inc.,+1-415-392-2300, or jnichols@sterlingpr.com, for Aruba Networks, Inc.

Web site: http://www.arubanetworks.com/

Source: PRNewswire

More News in this Category