Aruba AirWave 7 Manages by Air and Land
Aruba Networks' AirWave 7.0 provides outstanding historical user tracking and excellent management capabilities both for Aruba and third-party wireless networking gear. Meanwhile, new management support for wired infrastructure components show promise, but could stand fleshing out in both breadth of product support and depth of the management features offered.
As if answering the call put forth by Extreme Networks' Harpreet Chadha in Wayne Rash's article "Enterprise Wireless: It's All About the Work," AirWave 7.0 takes some baby steps to bridge the management divide between the wireless and wired networks in multivendor environments, a goal also touted by Hewlett-Packard as part of its "Single Pane of Glass" management campaign. Already well known for its WiFi infrastructure and RF management prowess, the latest version of AirWave adds oversight and, in some cases, management capabilities for wired network devices (switches) as well as some endpoints.
AirWave pricing is based on the modules licensed as well as the overall number of devices managed by the system. For a network that includes 200 managed devices (including wireless controllers, access points and switches), AirWave 7.0 costs $14,995 for the software-which includes the AirWave Management Platform (AMP), VisualRF mapping software, and the RAPIDS rogue detection component.
I tested AirWave 7.0 in conjunction with an Aruba-based WiFi network (an Aruba 651 Controller with Access Point, plus two Aruba AP-125s and two AP-105 802.11n access points), which provided both the over-the-air detection and device connection information to the AirWave platform. To gauge third party management features, I pulled a legacy Cisco Aironet 1200 access point and an assortment of older Cisco Catalyst (2900 series and 3550 series) and HP ProCurve (2626-PWR) switches under management as well.
I set up AirWave to automatically detect wired network devices, pointing AMP to automatically scan managed subnets for manageable devices. The scans look for SNMP- or HTTP-manageable network devices, based on the community strings or credentials I appended to the scan configuration. I could also manually add devices for management within AMP one by one, or in a batch by importing a CSV file.
The amount of control and oversight over wired infrastructure devices depends on AirWave's level of support for the platform in question. At a bare minimum for completely unsupported devices, AirWave can monitor whether the device is up or down via ICMP. A medium tier of monitor-only support is offered for HP, Netgear and other networking products, while the premium configuration services are reserved primarily for Cisco Catalyst gear.
Prospective customers should definitely check Aruba's list of supported devices before purchasing to ensure the needed level of support will be offered.
For my HP switch, AirWave displayed an assortment of information culled via SNMP. From the Adobe-Flash heavy AMP console, I could track switch memory and CPU utilization (averages and maximums), as well as bandwidth utilization (average and max kbps, in and out). By default, each graph shows only a few hours of activity, but I could easily adjust the time frame to show a year's worth of data using the simple slider bar underneath the graphs.
I could view port status of each managed switch from within AMP, as well as the firmware revision on the device. AirWave collects CDP data from the network, which provides some insight into how devices are interconnected. Lastly, I was able to upload the switch configuration from a known good source as a baseline template, which allows AirWave to notify me if the switch configuration or firmware level changes from that mark.
Unlike with the HP switch, I found AirWave let me move Cisco Catalyst switches out of monitor-only mode to read/write mode, allowing me to upload templates from AirWave to the switch in order to adjust the running or startup-config files, with AirWave tracking all configuration files used over time. Unfortunately, I could not yet upload updated versions of IOS to the switches via AirWave, a disappointment since AirWave has included firmware management of Cisco access points for years.
Although I have not tested HP's H3C multiplatform-supporting Intelligent Management Center, the demonstrations I saw at Interop in April hint that a wider array of wired networking vendors will be manageable through their solution. As a trade-off, however, HP's wireless and RF management capabilities likely can't match that available through AirWave.
AirWave 7.0 also brings customizable administrative views to the table, allowing enterprises with large IT staffs to tailor access to AMP according the IT staffer's responsibilities. AMP comes with two roles predefined: an auditing role with top-level, read-only access to the AP/Device Manager and VisualRF; and an Admin role with complete system access. I found I could add additional roles, with separate controls defining read and write access to the device tab, VisualRF and RAPIDS. If I organize my managed devices into folders within AMP (say one for New York and another for San Francisco), I could also restrict a role's oversight to certain parts of my infrastructure.
Although it has been several years since I last reviewed AirWave, I was nonetheless impressed with the amount of improvement within the platform when it comes to wireless detections, particularly user tracking within the VisualRF module. I particularly liked the historical location feature, allowing me to play back and view a single WiFi client device's connections and movement over a period of time, providing historical and location context around any service problems reported after the fact.
Although I did not test it as part of this review, Aruba also now offers an optional AirWave Mobile Device Manager module for AirWave 7, extending the platform's reach beyond the infrastructure and the connection to encompass the endpoint device itself. While the VisualRF module already tracks WiFi client usage information such as IP and MAC addressing, associated users, plus connection and location tracking over time, the MDM module purports to add additional over-the-air management capabilities such as inventory tracking, remote control and reboot options, and software deployment for certain classes of in-the-field devices, including handhelds, kiosks and wireless printers.
Windows-based devices (running Windows Mobile, Windows CE, or Windows XP) are supported by the MDM module via the use of a lightweight client service on the endpoint, while O'Neal printers are supported without need for any agent.