New 802.11n technology has made it possible for even large enterprises to build mission-critical wireless LANs, but as Wi-Fi infrastructure gets bigger and more complex, engineers face new issues of reliability,
To address these issues, vendors are launching a flurry of new technologies for strategies that will provide more bandwidth, ensure performance and enable automated provisioning for wireless clients. These strategies include new kinds of policy setting for access control, application awareness and capacity management -- all with the goal of making wide-scale wireless LAN in the enterprise workable.
“WLAN as a pervasive edge technology is still in the early stage. In [the] early 2000s, we worried about connectivity. In [the] mid-2000s, we worried about mobility. Today, it’s pervasive deployment and usage [we are worried about],” said Meru Networks senior vice president Kamal Anand.
Meru's strategy: Application awareness and more bandwidth
Meru set out to tackle the huge influx of mobile devices and the expectation of employees to see reliable application performance on these devices with a three-part strategy.
First, the vendor augmented its Identity Manager with SmartConnect to auto-configure self-registered clients for 802.1X. Second, for higher-density wireless LANs, Meru introduced the 3 radio/3 stream AP400 series to deliver 50%more RF bandwidth, along with a 2x10 GigE MC4200 Controller to quadruple core network uplink capacity. Third, Meru made its System Director 5 OS application-aware to better satisfy latency-sensitive flows such as Microsoft Lync or other communications applications.
“With app-awareness, we can detect that a flow is SIP. We can see the codec and provision policies to make sure the client gets clear channel access every 20 ms,” said Anand. “This lets us consistently produce MoS above 4.0, even in the presence of high-volume traffic. We also offer integrated spectrum analysis to scan both bands continuously, providing accurate interference classification and proactive channel adjustment.”
Aruba's plan to scale enterprise WLANs: RF management and access control
Aruba Networks has also been working to more cost-effectively scale enterprise wireless LANs by implementing a combination of RF management and automated mobile access control.
“If someone connects a Kindle, what do I allow them to access? I need to know who they are, what they are, where they are and what they need in terms of performance -- and I must avoid help desk impact,” said Robert Fenstermacher, Aruba's director of product marketing.
So Aruba introduced its Mobile Virtual Enterprise (MOVE) architecture, which can grant per-user access privileges on both wired and wireless networks while taking into consideration the “what and where” context, Fenstermacher said.
Aruba also introduced Mobile Device Access Control (MDAC), which combines device fingerprinting and self-registration with Amigopod visitor management to automate client provisioning.
Finally, Aruba added application classification to better prioritize and adapt RF management.
“WLANs now have wired-like capacity, but it must be allocated across a diverse and dense client base,” said Fenstermacher. “With more devices relying on Wi-Fi, some apps demand more robust connections. We think the solution is application-awareness. Even for encrypted traffic, we can do pattern analysis and apply heuristics to identify apps.”
Cisco's plan to cut enterprise WLAN total cost of ownership
As enterprise wireless LANs grow, OpEx rapidly dwarfs CapEx. Every vendor seems to be scrambling to trim cost of ownership, including Cisco Systems.
Customers are looking for ways to reduce operating costs in part because wireless is harder to manage, said Cisco wireless business unit director Greg Beach.
“Visibility is key in mission-critical WLANs [due to] proliferation of devices that rely on shared spectrum, including Wi-Fi, Bluetooth, video cameras and DECT phones,” said Beach. “CleanAir can detect, classify and mitigate RF interference to lower troubleshooting expenses. That includes the ability to switch channels automatically and being able to locate interfering devices.”
Cisco also moved to simplify management across network domains by replacing its Wireless Control System (WCS) with a new Network Control System (NCS). Instead of using independent systems to provision clients for wired or wireless access, customers can now use NCS for consolidated policy definition and visibility. For example, with NCS, help desk staff can more easily see all wired and wireless devices for a given user.
Finally, companies that are highly distributed also need branch office wireless LAN solutions that are more affordable. To this end, Cisco introduced its Flex 7500 Series, letting over 2,000 branch office APs switch traffic locally while being centrally-managed through a data center controller. “Flex avoids requiring a controller at every branch, which was costly from an OpEx perspective,” said Beach.
Aerohive offers cloud-managed enterprise WLAN
Large organizations such as retail and healthcare were first to deploy WLANs pervasively. But mid-sized businesses are now moving to Wi-Fi, and they're turning to cloud-based management solutions.
“In the mid-market, IT has flat growth and few Wi-Fi specialists,” said Aerohive Networks director of product marketing Joel Vincent. “With everything converging on Wi-Fi, we need to simplify what folks do every day for devices of varying quality and performance without overhead.”
Aerohive’s controller-less WLAN architecture, cloud management and client health assessment are thus designed to minimize complexity.
Now, Aerohive is leveraging that heritage to offer cloud-enabled networking, simplifying deployment and operation by all businesses, including the mid-market. “Our Branch-on-Demand can bring a headquarters-like experience to every user, regardless of location,” said senior product manager Abby Strong. “We can drop-ship cloud-enabled routers and APs to branch offices to deliver unified wired and wireless policy enforcement, starting at $99/year.”
Specifically, Aerohive 330/350 APs and new branch routers can be installed in remote offices, tunneling selected traffic to a cloud VPN gateway that applies security services (e.g., WebSense, Baracuda). HiveManager Online has been expanded to offer workflow wizards that anyone can use to configure not just those APs and routers, but VPNs and security services, with little effort or network-savvy.
“Branch-on-Demand offloads management and visibility to the cloud, while enforcing consistent policies based on user identity, independent of location,” said Strong. “This is ideal for the small branch or telecommuter that previously had to choose between an unmanaged router or an expensive managed device.”
This was first published in November 2011