Aruba’s Virtual Branch Networking (VBN)
Aruba came with a nice remote access architecture called Virtual Branch Networking (VBN), in the VBN architecture every Remote Access Point (RAP) operates as a remotely managed Access Point which tunnels all traffic through a VPN tunnel to the corporate network. A nice solution IMHO because it’s easy to configure and manage from the administrators perspective offering ‘zero-touch’ provisioning and the enforcement of role-based access policies.
For putting the full VBN features in action like ‘zero-touch’ provisioning is only supported today by 3000 and 6000 controllers running a ‘RN’ ArubaOS 3x image (eg. v3.3.2-rn3.0), in the release of ArubaOS 5x all VBN features will be integrated in one image; Aruba announced for the release of ArubaOS 5x in March this year. Aruba offers the following new RAPs to be implemented using VBN:
- RAP-2WG: Small single-radio (802.11b/g) AP with two 10/100 Ethernet Ports, targeted for use by small branch and home offices up to 5 users.
- RAP-5WN: Desktop/Wall-mount dual-band (802.11a/b/g/n) AP with five 10/100 Ethernet Ports, targeted for use by medium branch offices up to 256 users.
- RAP-5: Wired-only AP to incorporate authentication policies for wired network devices , targeted for use by small/medium branch offices; please note this model does not offer wireless VBN.
Non-VBN APs like the AP-105 or AP-125 can be integrated in to the same network manually, however the ‘zero-touch’ provisioning VBN feature is not supported.
From the end-users perspective the ‘zero-touch’ provisioning feature is just great! Just connect the Ethernet port 0 of the RAP to an Internet connection and Ethernet port 1 to a PC or notebook, wait a few seconds for the RAP to complete it’s boot sequence and open a browser to any URL. The RAP wil automatically re-direct the user to the provisioning webpage, enter the supplied controller IP or FQDN and enjoy the show! The RAP will be automatically provisioned with the firmware and corporate policies supplied by the Aruba controller. When finished the RAP will reboot and your corporate wireless business network is available to the user.
Additionally Aruba offers a wizard to generate a brief instruction manual with the IP or FQDN of the Aruba Controller present, unfortunately the instructions are only provided in English which could be a problem for some users.
I think Aruba’s VBN is a great solution as addition to their portfolio, there are still some small bumps and glitches concerning the ‘zero-touch’ process but nothing serious. I think VBN is a great solution for companies that want to extend their wireless corporate network to branch offices and home users with the same security benefits.
References:
- For more information about design and implementation guidelines for VBN Aruba has a great reference guide available at their website.
- A nice article about how to configure Aruba’s VBN using a 3200 controller and RAP-2WG RAP visit Peter Bazelmans blog.
Subscribe to the comments for this post
Sorry, comments for this entry are closed at this time.