© 2013 Aerohive Networks CONFIDENTIAL
Data Connectors Honolulu
Transforming Your Network into a Platform for Mobility
AEROHIVE NETWORKS
© 2013 Aerohive Networks CONFIDENTIAL
Introduction to Aerohive:
2
• Cloud-managed Mobile Networking Company› Cloud (Public & Private), Controller-less
Wi-Fi, Routing, VPN, Switching› 5th fastest growing tech company 07-11
» (Deloitte Fast 500 – 44,569% growth)
› 135% YoY growth (2011-2012)› ~10000 Customers› ~500 Employees› Visionary Vendor - Gartner MQ for
Wired & Wireless LAN 2013Branch &
Teleworker RoutersEnterprise Wi-Fi
Cloud Services Platform
Public Partner Private (on-premise)
Access Switches
Wi-Fi Unified Access
Visionary Gartner Magic Quadrant 2013
Unified Access
Visionary Gartner Magic Quadrant 2012
Unified Access
Visionary Gartner Magic Quadrant 2011
Wi-Fi
Gartner MQ
© 2013 Aerohive Networks CONFIDENTIAL
You need to enable them, without drowning in complexity
$XSecurity Performance Reliability Cost
New Requirements of the Network Edge
• Corp deployed enterprise devices
• WLAN overlay
• Network centric
• Monolithic
• Corp / BYOD enterprise / consumer devices
• Ubiquitous Wi-Fi Access
• User Centric
• Elastic
3
Yesterday Today
Cloud-enabled, self organizing, application aware, identity-based infrastructure
Aerohive Networks - Simpli-fi Enterprise Networking
Users want to work anywhere, on any device and access any App
© 2013 Aerohive Networks CONFIDENTIAL
Customer Focus
4
Healthcare Retail / Logistics
Education Distrib. Enterprise
Intelligent, scalable, cost effective, resilient infrastructure
© 2013 Aerohive Networks CONFIDENTIAL
Enterprise Deployments
5
HQ Retail
Edu
iPad1:1
Faculty, Guests
Apple TVs
Branch
Unified Wired, Wi-Fi, VPN, FW
Virtualized Mgmt & VPN
TerminationWi-Fi Primary AccessGuest, Corp, BYOD Guest,
Corp, BYOD
TeleworkerWork, Home, 4G,
Cloud Security
Credit Cards. PCI, Inventory, Voice, Kiosks
Logistics
Coverage, Reliability, Voice Picking,
Outdoor
Healthcare
EMR, eMAR, Asset Tracking, Voice
MessagingHigh Density, AD integration, Bonjour, Ease of Use
Cloud-enabled
Data Center
Performance, Contextual Policy Enforcement, Unified Access Layer, MDM enrollment
© 2013 Aerohive Networks CONFIDENTIAL
No data bottlenecks
Service Level Agreements
QoS & Spectrum analysis included
Distributed (Controller-less) Wi-Fi Architecture Delivering simplicity, reliability and affordability
6
Management
Redundancy
Scalability and future proofing
Performance
Centralized cloud-based or
Local management
Management within the network only
No single point of failure
Self healing mesh architecture
No controller tax
Requires multiple controllers
Local data forwarding..what do you lose?
No feature licensing
Start small and grow
Distributed intelligence
Controller capacity?
Feature licenses?
Data bottlenecks
QoS, Spectrum analysis..$$$
(FW, RADIUS, CWP, BYOD, Bonjour GW)
How does it work? Architectural Alternatives Central Vs. Distrib. Control
© 2013 Aerohive Networks CONFIDENTIAL
Load Balancing
Layer 3 Roaming
5 GHz
Resilient Mesh
Layer 2 Roaming
BandSteering
2.4 GHz
54Mbps
450Mbps
11Mbps
SLA, QoS & Dynamic Airtime Scheduling
High Powered Radios, Receive Sensitivity &
RRM
Enterprise Wi-Fi Features
7
Optimization Mobility
Distribution
Receive SensitivityLayer 2/3 Roaming
© 2013 Aerohive Networks CONFIDENTIAL
BYO and Corp Deployed Devices
8
Access defined by ID & Device
RADIUS
PPSKCWP
L2-7 Firewall
Corp userCorp user - BYODGuest user
CORP Policy
Corp VLAN
FW = LAN & Web Approved Apps
10Mbps per userApproved Apps get priority
24HR Access
BYOD Policy
Restricted VLAN
FW = Email & Web, Permitted Apps
5Mbps per user
M-F 8am-9pm
GUEST Policy
DMZ
FW = Web Only, Limited Apps
1Mbps per user
M-F 9am-5pm
User Profiles
OS Detection
MDM Enrollment
Bonjour Gateway
www Corp
Guest, BYOD
AppleTV(AirPlay)
Printer(AirPrint)
Bonjour
wwwCorp
MDM
QuarantineEnroll
BYOD & MDM Bonjour GWL7
© 2013 Aerohive Networks CONFIDENTIAL
Security and Authentication Features
• Authentication support for common directory servers
• Eliminates standalone RADIUS server
• Credential caching for remote/branch survivability
• MAC (L2) based firewall
• Stateful TCP/IP firewall (L3/L4)
• L7 App Visibility & Enforcement
• ALGs for DNS/FTP/SIP
• Policy Based Client Isolation
9
Captive Web Portal Wireless Intrusion Prevention
Remote Site Content Security
WIPS
Directory Integration
Private PSK
Multiple CWPs able to serve scalably
from every AP
Multiple users, same SSID - easy but
unique revocable keys
Stateful L2-L7 Firewall
© 2013 Aerohive Networks CONFIDENTIAL
Cloud-enabled Networking
Routing, VPN and Switching features
10
PoEPoE
• SIP/SCCP/Spectralink support
• Voice Enterprise (Q1)
• Detection of IP phone OS
• 802.1X/Access control
• Dynamic QoS for voice traffic
3G/4G
Unified Wired & Wireless Mgmt
Wi-Fi
Wired
Routing / FW
VPN
Same Policy and Network
Address/L3 Service PoE-PSE, 3G/4G USB
L2 & L3 IPSec VPN Robust Voice Support
Branch on Demand
© 2013 Aerohive Networks CONFIDENTIAL
Support
Manage
Monitoring and Reporting Features
11
Cloud Management
Spectrum Analysis
Client Monitor & Packet Capture
Simple GUI
Topology & Location Tracking
PCI Compliance
Monitor
Management Views
© 2013 Aerohive Networks CONFIDENTIAL
Less Operational Costs
Less Infrastructure Costs
Reduced Capex and Opex
12
Client Health Score
Good connection
High data rates & high successful transmission rates
Marginal connection
Lower data rates / lower successful transmission rates
Poor connection
Low data rates / low successful transmission rates
Cloud Management
Zero Touch Provisioning Self Healing
Client Health Score
© 2012 Aerohive Networks CONFIDENTIAL
AP110
Dual Radio 802.11n
2X Gig.E with 10/100 link aggregation
-20 to 55°C0 to 40°C
3x3:3 450 Mbps High Power Radios
2x2:2 300 Mbps 11n
High Power Radios
1X Gig.E
-40 to 55°C
TPM Security Chip
PoE (802.3af + 802.3at) and AC Power PoE (802.3at)
N/A
Indoor Industrial
Indoor Outdoor
Plenum & Dust Proof
Plenum RatedWater Proof (IP
68)
Aerohive AP Platforms
AP121 AP330 AP350 AP170
1X Gig.E
2x2:2 300 Mbps High Power
Radios
1-Radio 802.11n
USB for 3G/4G ModemNo USB
AP141
USB for future use
2x2:2300 Mbps
Radio
2X Gig E/w PoE Failover
3x3:3 450 + 1300 Mbps
Radios
Dual Radio 802.11ac/n
Plenum/Plenum Dust
Proof 0 to 40°C/
-20 to 55°CUSB 3G/4G
Modem
AP370/390
Indoor/ Indoor Industrial
Dual Radio 802.11n
$1499$999$649$449 $1199
© 2013 Aerohive Networks CONFIDENTIAL
Aerohive Routing Platforms
14
BR100 BR200 WP AP330 AP350
Single Radio Dual Radio
2X 10/100/1000 Ethernet
5-10 Mbps FW/VPN
30-50Mbps FW/VPN
$99
1x1 11bgn 3x3:3 450 Mbps 11abgn
5X 10/100 5X
10/100/1000
0 PoE PSE0 PoE PSE 2X PoE PSE
*
* Also available as a non-Wi-Fi, non PoE device - $499 (BR200)
L2 & L3 IPSec VPN Gateway (VMware)
~500 MbpsVPN1000
Tunnels2 Virtual
Interfaces
Cloud VPN Gateway
$699* $999
~1 - 50 Users (as a router) ~1 - 10 Users
~1 - 50 Users
© 2013 Aerohive Networks CONFIDENTIAL
Aerohive Switching Platforms
15
SR2124P SR2148P
24 Gigabit Ethernet 48 Gigabit Ethernet
4 Ports 1G SFP Uplink 4 Ports 10 Gigabit SFP/SFP+ Uplink
$1799
8 Ports PoE+ (195 W)24 Ports PoE+ (408
W)
128Gbps switching56Gbps switching 176Gbps switching
Available Mid 2013
SR2024
48 Ports PoE+ (779 W)
Routing with 3G/4G USB support and Line rate switching
$2599 $3999
Redundant Power Supply CapableSingle Power Supply
© 2013 Aerohive Networks CONFIDENTIAL
Aerohive software platforms
16
SW Config, & Policy, RF Planning, Reporting, SLA Compliance, Guest Management, Trouble Shooting, Spectrum Analysis
HiveManager Online
Scalable multi-tenant platform, Redundant data centers with diversity, Backup & Recovery, Zero touch device provisioning, Flexible expansion, On demand upgrades, Pay as you grow
HiveManager Virtual Appliance VMware ESXi, HA redundancy15,000s APs with specified configuration
HiveManager Appliance – 2U Redundant power & fans, HA redundancy, 5000 APs
HiveManager Appliance – 1U HA redundancy, 500 APs
StudentManagerVMware ESXiUp to 50,000 students
© 2013 Aerohive Networks CONFIDENTIAL
Aerohive Networks A single architecture for the network edge
Identity & Context Aware e.g. Network firewall on the router knows identity & role of the clients on APs
17
Cloud-enabled, self organizing, service aware, identity-based infrastructure
Aerohive Networks - Simpli-Fi Enterprise Networking
Wi-Fi
Wired
Routing / FW
VPN
Same Policy and Network
Unified policy and security mgmt, from the cloud
Service Aware e.g. AP know the Bonjour services to advertise across the L3 enterprise boundaries
www Corp
Guest, BYOD
AppleTV(AirPlay)
Printer(AirPrint)
Bonjour
Aerohive Networks where increased performance and capacity does not
mean increased complexity!
© 2013 Aerohive Networks CONFIDENTIAL
THANK YOU!
18