Link Search Menu Expand Document

Table of contents

Campus Services Layer

TheServices Layeris where the operations team interacts with the Connectivity and Policy Layers. It provides significant capabilities leveraging Artificial Intelligence (AI), Machine Learning (ML), and location-based services for network visibility and insights into network performance. By leveraging a unified data lake in the cloud, Aruba ESP (Edge Services Platform) correlates cross-domain events and displays information in context, unlocking automated root-cause analysis while providing robust analytics.

The primary homes for Services Layer functionality are Aruba Central and Aruba ClearPass Policy Manager.

Aruba Central

Aruba Central simplifies the deployment, management, and optimization of WLAN, LAN, VPN, and SD-WAN. This eliminates the time-consuming manual process of moving information from one management platform to another or trying to correlate troubleshooting information across multiple views. Central is the single pane of glass for Aruba ESP. The use of integrated AI-based ML, IoT device profiling for security, and Unified Infrastructure management accelerates the edge-to-cloud transformation for today’s Intelligent Edge.

Central key features

  • Cloud-native enterprise campus WLAN software
  • AI Insights for WLAN, switching, and SD-WAN
  • Advanced IPS/IDS threat defense management
  • Mobile application-based network installation
  • Unified management for access and WAN edge
  • Live chat and an AI-based search engine
  • 云,内部s and as-a-service (aaS) options

Central is a cloud-native microservices-based platform that provides the scalability and resilience needed for mission-critical environments. Central runs in the cloud, so it is adaptive, predictable, and horizontally scalable with built-in redundancy, unlike an on-premises solution. Central also provides seamless access to Aruba ClearPass Device Insight, Aruba User Experience Insight (UXI), and Aruba Meridian to furnish significant capabilities leveraging AI/ML and location-based services for network visibility and insights.

ClearPass Policy Manager

ClearPass Policy Manager provides role- and device-based secure network access control for Internet of Things (IoT), bring your own device (BYOD), and corporate devices as well as employees, contractors, and visitors across wired, wireless, and VPN infrastructure. With a built-in context-based policy engine, RADIUS, TACACS+, non-RADIUS enforcement using OnConnect, device profiling, posture assessment, onboarding, and visitor access options, ClearPass is unrivaled as a foundation for network security for organizations of any size.

ClearPass also supports secure self-service capabilities, making it easier to access the network. Users can securely configure their own devices for enterprise use or Internet access based on administrative policy controls. Aruba wireless customers get unique integration capabilities, such as AirGroup, as well as ClearPass Auto Sign-On (ASO). ASO passes a user’s network authentication automatically to their enterprise mobile apps, so they can get right to work.

ClearPass Policy Manager key features

  • Role-based, unified network access enforcement across multi-vendor networks
  • Intuitive policy configuration templates and visibility troubleshooting tools
  • Supports multiple authentication/authorization sources (AD, LDAP, SQL)
  • Self-service device onboarding with built-in certificate authority (CA) for BYOD
  • Visitor access with extensive customization, branding, and sponsor-based approvals
  • Integration with key UEM solutions for in-depth device assessments
  • Comprehensive integration with the Aruba 360 Security Exchange Program

ClearPass is the only policy platform that centrally enforces all aspects of enterprise-grade access security for any industry. Granular policy enforcement is based on a user’s role, device type and role, authentication method, UEM attributes, device health, traffic patterns, location, and time of day. Deployment scalability supports tens of thousands of devices and authentications, surpassing the capabilities of legacy AAA solutions. Options exist for small to large organizations, from centralized to distributed environments.

ClearPass Device Insight

Networks have become increasingly complex, due in part to the adoption of IoT devices, which can be difficult to detect and manage. To leverage mobile and IoT operational efficiencies, many organizations deploy a range of devices without fully understanding the security and compliance implications.

Aruba ClearPass Device Insight (CPDI) provides visibility across the network by intelligently discovering and profiling all connected devices. This includes detailed attributes, such as device type, vendor, hardware version, and behavior including applications and resources accessed. Organizations can create more granular access policies, reduce security risks, meet key compliance requirements, and make better informed network access control decisions.

Integration with ClearPass Policy Manager delivers comprehensive policy control and real-time enforcement. This makes the visibility provided by ClearPass Device Insight actionable and increases the overall level of security and compliance for all devices connected to the network.

User Experience Insight

Aruba User Experience Insight (UXI) is a cloud-based service assurance solution that validates network health and troubleshoots problems that affect day-to-day user experience. Ideal for campus and branch environments, UXI assumes the role of a user, evaluating the performance, connectivity, and responsiveness of the network as well as services, such as corporate ERM or Microsoft applications. This outside-in perspective is presented through a simple, intuitive dashboard that provides a proactive way to solve problems before they impact the business. UXI is easy to configure, deploy, and manage, and it immediately begins providing insights once sites are online.

Meridian

Aruba Meridian, a cloud-based, software-as-a-service (SaaS) solution, is part of Aruba’s location services portfolio. It includes both mobile engagement and asset tracking. Customers can start with wayfinding, proximity-based notifications, or digital asset tracking, and add functionality as needed via simple subscription-based licensing. Meridian’s cloud-based architecture allows organizations and venues—such as corporate and university campuses as well as stadiums, airports, museums, hospitals, and retail stores—to easily manage their location services needs from anywhere. Proximity-based notifications and analytics make Meridian the industry’s leading full-featured location services platform.

Service Capabilities

Some of the key service capabilities of Aruba ESP campus include Live Upgrade, AI Insights, AI Assist, AirGroup, Air Slice, AirMatch, and ClientMatch. The nature of Central as a services platform means capabilities can be added without the need for infrastructure upgrades or significant design overhauls for a customer’s environment.

Live Upgrade是一个阿鲁巴岛遥测技术,使用网络data to understand how the network can be upgraded with the least impact. It then coordinates between clients and hardware to minimize the need for maintenance windows and downtime.

AI Insightsis a capability in Central that quickly identifies, categorizes, and resolves issues that would impact client onboarding, connectivity, and network optimization. These insights provide clear descriptions of the detected issue, data visualizations, recommended fixes, and contextual data to determine the overall impact. AI Insights uses ML-based network analytics to deliver optimization recommendations around mobile workers and wireless and IoT devices. Data from multiple sources, including your wireless infrastructure, DHCP, and authentication servers, is gathered in an on-site data collector. The compressed data is sent via a secure tunnel to the AI Insights cloud instance, where network connectivity and performance are analyzed by ML-based models using Aruba’s Wi-Fi expertise and the latest cloud technologies.

A web-based dashboard shows insights along with root causes and recommendations to fix immediate and foreseeable performance issues. Aruba 5xx series APs work seamlessly with AI Insights to automatically power down when demand ceases and power up when demand returns. AI Insights uses predictive analytics and ML to identify usage patterns. After a brief learning period, AI Insights can predict when demand will stop and start.

AI Assist不间断的技术助理,帮助盟吗gment network operations. AI Assist uses event-driven automation to collect and post relevant data for the internal help desk and the Aruba Technical Assistant Center. Having all the data about an issue centralized removes the need for multiple analytical tools. Everything is displayed in context, in single views, to help resolve problems quickly.

AirGroupis an Aruba technology that aids in mDNS and SSDP style discovery protocols across VLANs. AirGroup also allows a group of these devices to be accessed no matter the client location or VLAN. Several technologies can be used with AirGroup to scale to a customer’s needs. AirGroup brings enterprise controls to technologies not designed for the enterprise.

Air Sliceallows Aruba Wi-Fi 6 APs to prioritize client traffic at the radio level. This technology is transparent to the client, so it has no integration or standards requirements, unlike older technologies. Air Slice tightly integrates into the DPI firewall capabilities of the AP, so Air Slice policies can be created and based on applications instead of ports and IP addresses.

AirMatchprovides automated RF optimization by dynamically adapting to the ever-changing environment. In Aruba ESP, the AirMatch service is moved to Central, which is capable of computing and deploying RF allocation to APs across the network. The AirMatch service receives telemetry data from APs for radio measurements, channel range, transmit power range, operational conditions, and local RF events such as radar detection or high noise.

ClientMatchis the feature that allowed Aruba to be the first networking vendor to offer AI/ML capabilities. ClientMatch optimizes the client association by continuously scanning the wireless environment and sharing information about the clients and the APs. Based on the dynamic data, clients are steered to the most suitable AP, and no software changes are required in the clients to achieve this.

Back to top

© Copyright 2022 Hewlett Packard Enterprise Development LP. The information contained herein is subject to change without notice. The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. Aruba Networks and the Aruba logo are registered trademarks of Aruba Networks, Inc. Third-party trademarks mentioned are the property of their respective owners. To view the end-user software agreement, go toAruba EULA.

Baidu