Wireless Network Security Palo Alto Networks / Aruba Networks Integration
Network Management with Aruba AirWave
-
Upload
aruba-networks-an-hp-company -
Category
Technology
-
view
1.980 -
download
4
Transcript of Network Management with Aruba AirWave
Network Management with Aruba AirWave Sujatha Mandava
March, 2014
CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
2 #AirheadsConf
Agenda
Overview of AirWave
Application Visibility
RF Visualization
RF Performance
RF Capacity
UI
Configuration
Scalable Clustered Architecture
Serviceability
Q & A
3CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
What is AirWave
4CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
AirWave Management Architecture
APs / AMs• 802.11 radios• Integrated IDS/IPS• Spectrum Analysis
Controller (or VC)• Centralized Radio Management• Role based Policy Enforcement
AirWave• Long-term History & Trending• WLAN Troubleshooting• Visualization & Reporting
5CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
Data Flow to AirWave
SNMP
Trap
sAM
ON
AirWave
ControllerH
TTPS
VirtualController
NMSEmail, SNMP, Syslog
Application Visibility
7CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
Overview
8CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
Application Visibility: by Destination
9CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
8.0 - AppRF Report
• Top destinations and applications
• Top applications broken down by device type, WLAN, role
• Detailed section for one or more users
10CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
8.0 - AppRF Visualization
• AppRF overlay for clients
• Identifies clients contributing to the selected application.
• TunableThresholds
11CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
8.0 – UCC (Lync, Jabber….)
• Dashboards Identify call quality issues and correlate with client health
• Lync overlay with historical view of calls
• Lync Mobility trail to track historical call sessions
12CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
UCC Dashboard
• Call Volume by protocol: SIP, Lync, Jabber
13CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
UCC Dashboard
• Calls broken down by device type
• Identify the device types having the worst call quality
14CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
Dashboard to Diagnostic page
15CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
Call Details
• Selecting a call gives details like jitter, delay for the call.
• The red icon shows the point at which the client roamed during the call..
RF Visualization
17CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
VisualRF in HTML5
Improved navigation
18CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
VisualRF in HTML5
• Floorplan with APs/Clients and relation lines
19CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
VisualRF – Heatmaps & Overlays
• Heatmap
20CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
VisualRF – Floor Upload Wizard
21CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
Channel Overlay
• Identify Overlapping Regions
RF Capacity
23CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
RF Capacity
2 radios were “heavily utilized” 80-100% of the time.
(“Heavily utilized” is 80%+ utilization).
(Only “on time” is considered. That is, blocks of time the radio is doing something, not the middle-of-the-night).
24CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
RF Capacity
RF Performance
26CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
RF Performance
27CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
RF Performance
Track clients with poor health over time
28CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
Watched Clients
UI
30CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
All Graphs in 7.7 Now HTML5
Graphs in AirWave 7.6 and earlier were Flash-basedAll graphs in AirWave 7.7 are converted from Flash to HTML5
31CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
All Graphs in 7.7 Now HTML5
By clicking on a graph, can then zoom in/out, pan, and hover (to get values for each point)
32CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
8.0 UI Improvements – Views
• Select columns and filters to display the desired set of views
33CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
UI Contd.. – Simpler Modify Devices
• Easy to use UI for Modify Devices
Scalable Clustered Architecture in 8.0
35CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
AirWave 8.0 - Multi-server Architecture
Scale to 20,000 APs
• No architecture choice will prohibit > 20,000
• Up to that limit, add another server, get another increment of capacity (symmetric arch)
Single Virtual IP from perspective of controller/VC
• Controllers/VCs need be configured with only a single AMP IPaddr
Failover without human intervention
• Failover transition lasts 10min or less, during which time data collection may be interrupted
• Only data loss might be up to 1hr of client session data; no other data loss
• Simple process to re-introduce repaired server to cluster (or add another server)
Can still run on a single server
36CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
Current single-server architecture
SNMP trap recvr
AMON recvr
SNMP pollers
swarm handler
work queue
ALC workers
database
AW-RRD
UI
report gen
config gen/audit
Visual RF
message bus
37CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
Multi-server architecture
database backup
SNMP trap recvr
SNMP pollersswarm handler
work queue via [distributed] RabbitMQ message bus
UI report gen config gen/audit
Visual RF
database
database master
ALC workers ALC workers ALC workers
Visual RFVisual RF
worker machine #3worker machine #2worker machine #1
AMON recvr
OpenTSDBOpenTSDBOpenTSDB
Configuration
39CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
IGC: Just like Instant embedded UI
40CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
IGC: Notes and multi-edit
41CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
Switch config
CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 42 #airheadsconf
Provisioning Using Activate
AirWave pushes the latest software image and Site A
configuration
Instant AP connects to AirWave server via HTTPS and
associates to the Site A group
Instant AP connects to Aruba Activate via HTTPS and downloads provisioning
details
12
3
Aruba Activate™
10 a.m.
10:02 a.m.
10:07 a.m.
Site A - Configuration ASite B – Configuration BSite C – Configuration C
AirWave™
Secure Data Center
Site C
Site B
Site A
Aruba Instant™
43CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
Controller Config
• Local Config
• Bulk edit of overrides – a small set of variables like vlan
• AOS 6.4 configuration
44CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
Serviceability
45CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
Run CLI command(s) at intervals
46CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
#AirheadsConf
Controller Backups/Config
• Preserve controller backups and provision to restore functionality
47CONFIDENTIAL © Copyright 2014. Aruba Networks, Inc. All rights reserved
Thank You
#AirheadsConf