Bo d customer_presentation-q2-2012

© 2012 Aerohive Networks CONFIDENTIAL

Aerohive Branch on Demand

Customer Presentation


Aerohive: Simpli-Fi

Unified policy and security mgmt from the cloud

Service and resource aware, self organizing

networks

Contextual, identity-enforced,

secure access

Wi-Fi

Wired

Routing / FW

VPN

Same Policy and Network

Redefining Enterprise Access

Innovative implementations - solving real customer issues

Easy, Operationally Inexpensive

Scalable, Reliable Secure, FlexibleSimpli-Fi Complex Enterprise Networking


Branch Office Options

How does an IT organization scale to meet the needs of today’s evolving “Branch”?

3

Pros: • Works great for a

single client

Cons: • Per-connection

licensing• Client for VoIP phones?• No consistent policy

Pros: • Inexpensive• Wired/Wireless

Support

Cons: • No centralized

management• Requires expensive

head-end solution• No consistent policy

Pros: • Centralized

Management with consistent policy

Cons: • Start around $1000• Requires expensive

head-end solution• Pre-staging

required

SSL VPN Consumer Off-the-

Shelf

Traditional Enterprise


Branch Office Solutions

4

"Our challenge is enterprise routing at the low end“

- John Chambers, Nov 10th, 2011

~$1000

1-Page!

Connect.

Discover.

Provision.

Go!

~$700

User GuideEnd User Guide

30 Pages !!!!

Traditional Approach Branch on Demand


Introducing the BR200

Single Radio 5X 10/100/1000 2X PoE PSE3x3:3

11abgn

BR200 adds full Aerohive Wi-Fi• Spectrum Analysis• WIPS

BR-200 WiFi PoE

BR-200-WP 3x3 WiFi 2x PoE PSE

BR-200 None None


Branch On Demand

• Delivers “Headquarters-like” secure wired/wireless network to every user regardless of location. › Delivered to site – no pre-staging required› Automated, cloud-enable provisioning› Automated IP Address Management

• Simplifies branch office deployments by redefining the economics, control, and performance of branch office and teleworker access› Easy cloud-enabled management, configuration, and visibility› Integrated VPN, RADIUS, Spectrum Analysis, and WIPs in a low-

cost device (BR200-WP)› Unified wired and wireless policy and visibility› No truck rolls or technicians required to install


Expanding Branch on Demand – BR200

• Aerohive expands enterprise networking portfolio› BR200 and BR200-WP extend branch office deployments

with compact, cloud- enabled routers that are engineered for enterprises that are big on security and performance.

• Simplifies branch office deployments› Integrated VPN, RADIUS, Spectrum Analysis, and WIPs in a

low-cost device› Easy cloud-enabled management, configuration, and

visibility

7


Components of Branch on Demand

Cloud Services Platform1

IPsec VPN

HiveManager Online

1

Aerohive Branch Routers2

Cloud VPN Gateway3

Cloud Web Security4

BR200BR100

AP330AP350

2

Cloud VPN Gateway

3

4


Internet

Consistent Policy, Security, and Permissions

9

Corp

@ Home

Home Printer

Work Laptop

Personal iPhone

@ Corporate

Personal iPhone

Work Laptop

Guest Laptop

@ Branch

Corp VoIP Phone

Work Laptop

Personal iPhone

Guest Laptop


Internet

HiveManager Online

HQ

BR200

Cloud VPN Gateway(VPN

Concentration)

Cloud Service Platform

Deployment Scenarios - Enterprise Branch

10

HQ Access via VPN & HTTP via Cloud

Security

3G/4G Primary/Backup

GuestAccess

Printing available to all VLANs using Bonjour Gateway with the APs


Internet

HiveManager Online

HQ

BR200-WP


Concentration)


Deployment Scenarios - Retail Branch

11

HQ Access via VPN & Internet

via Cloud Security


PCI

GuestAccess

PoE

PoE


Internet

HiveManager Online

HQ

BR200


Concentration)


Deployment Scenarios - Healthcare

12Clinical and

Admin Access


GuestAccess

Printing available to all VLANs using Bonjour Gateway with the APs

http://images.google.com/imgres?imgurl=http://farm1.static.flickr.com/204/484582457_c4f65a4c7b.jpg&imgrefurl=http://www.bendblogs.com/VoIP_Now/&h=119&w=93&sz=4&hl=en&start=6&um=1&tbnid=C2QL0b3csD8MVM:&tbnh=88&tbnw=69&prev=/images?q=vocera+tags&um=1&hl=en&rls=com.microsoft:*:IE-SearchBox


Branch Connectivity with HQ Experience

• Mobility/Wireless control and intelligent› Wi-Fi, Survivability, Resiliency

• Routing and Networking› VPN, Ethernet, WAN Backup

• Address/L3 Service› IP Address Management, DNS,

DHCP• Security and

Authentication Services› Stateful Firewall,

Authentication, Radius, 802.1x› L4-7 protection (per corporate

policy)

• Identity-based Policy Enforcement› Mobile Device access controls› Quality of service

• Management and Visibility› Client stats and connection

health reports› Wi-Fi information, client health,

spectrum info, Rogue AP› VPN stats› Compliance reporting › Topology detail› Problem remediation: Remote

packet capture, SLA compliance

13

DEVICE

CLOUD


Aerohive Routing Product Line

14

BR 100 BR 200 HiveAP 330 HiveAP 350

Single Radio Dual Radio

2X 10/100/1000 Ethernet

5-10 Mbps FW/VPN 30-50Mbps FW/VPN

1x1 11bgn 3x3:3 450 Mbps 11abgn

5X 10/100 5X 10/100/1000

0 PoE PSE0 PoE PSE 2X PoE PSE

*

* Also available as a non-Wi-Fi/non-PoE device

L3 IPSec VPN

Gateway (VMware)

~500 MbpsVPN1000

Tunnels2 Virtual

Interfaces

Cloud VPN Gateway


BR100 vs BR200

15

BR100 BR200/BR200WP

5x FastEthernet 5x Gigabit Ethernet

1x1 11bgn (2.4Ghz) single radio 3x3:3 11abgn dual-band single radio (WP model)

No integrated PoE 2x PoE PSE 30W (in WP model)

5-10Mbps FW/VPN Throughput 30-50Mbps FW/VPN Throughput

No Spectrum Analysis Integrated Spectrum Analysis (in WP model)

Basic Rogue Detection Full Aerohive WIPS (in WP model)

External RADIUS/AD Support only Integrated Aerohive RADIUS, proxy, and AD

Monitoring via HiveManager only Monitoring via HM or external log servers


Deliver High Quality VoIP to Remote Users

• Deploy high-quality, hassle-free voice to remote users.

• Control VPN costs with no SSL VPN license per device.

• SIP/SCCP/Spectralnk support• Auto-sensing of IP phones • 802.1X/Access control• Dynamic QoS for voice traffic


Network management for your whole network

17


Simpli-Fi Configuration

18

How Many Sites do I need?

What config should they get when they phone home?


Simpli-Fi Unified Wired and Wireless Policy

19

Add Wireless SSIDs and apply the User Profile

Add Wired access permissions with the User Profile

Object-based management allows same network and permissions for Employees regardless of connection type!


Branch

Websense Cloud Security Partnership

The Challenge• Stopping modern malware requires more than

AV and firewall• Leaving remote users unprotected is downright

dangerous• Tunneling Web traffic through headquarters is

slow and expensive

The Solution

Branch Routers Hosted Web Security Gateway

Cloud-based Web Security for all Remote Users

20

Protecting your business requires security for all users no matter where they are or how they access the Internet


Cloud Proxy – How does it work?

1 Client makes a HTTP/HTTP request

2 Aerohive BR checks if client network is configured to use web security

3Aerohive BR confirms traffic is not destined for resources across the tunnel and not whitelisted as trusted

4Traffic is forwarded with client identity to the cloud security partner and processed based on identity

Expanding our Cloud Services Platform to Enhance Security


Simpli-Fi Deployment

22

Connect

Discover

Provision

GO!


Simpli-Fi Management of Remote LocationsCentralized Whole Network Visibility

23


Branch on Demand Competitive

24

Branch Router/Wi-Fi

VPN Gatewa

y

Management

Policy Server

Licenses

Controller

HiveAPs & BRs

Cloud VPN GW

HiveManager

Branch On Demand

+AP and SRX

100

SRX 3400

NSM + STRM

UAC

Branch Solution

License Manager

Cisco 8xx

Cisco ASA

Configuration Engine and WLAN

Mgmt

Access Control and Security Mgr

Wireless LAN

Controller

Cisco Virtual Office

VBN

Policy Enforcement FW License

Remote AP Content SecurityWIPS/Spectrum

Security Suite

RAP 2 & 5

MMC 6000

Airwave &Amigopod

Branch Controller


Summary

25

• Consistent Policy everywhere wired or wireless• Zero-touch provisioning; Automatic Configuration• Remote visibility reduces Operational Expenses

Cloud-enabled NetworkingUsing cloud services to unlock efficiencies never before possible with traditional network architectures


THANK YOU!

Bo d customer_presentation-q2-2012

Documents

Transcript of Bo d customer_presentation-q2-2012