01-09-2012 04:54 PM
If you are in the vicinity of Long Beach CA, come down and meet your peers, learn best practices, trade tips and enjoy some great food and drink. These events are free of charge you just need to RSVP at http://page.arubanetworks.com/AirheadsLocalLB.html
Date: Wednesday, January 24, 2012
Time: 3:00 pm to 7:00 pm
Location: Long Beach Marriott 4700 Airport Plaza Dr, Long Beach CA
01-24-2012 03:15 PM
At Airheads Local Long Beach now, we have 10-15 attending the event. Here is the agenda:
- Guest access demo: Advertising, Self-Registration
- BYOD demo: Auto-provisioning, device specific policy enforcement
- Wired and wireless demo: Unified policy management per user/device independent of connectivity method.
We are about to start... will keep you all up to date with the discussions here. Post-event blog to follow! :)
01-24-2012 04:17 PM
Aruba SEs Harry Lockwood presenting and Gary Jenkins (aka. sandiegojenkins) running the demo on guest access with Amigopod. Here are the highlights from the Q&A in the room so far during Harry's presentation.
Q: How do you enable role based authentication for guest users?
A: Integrate with existing authentication server (Novell, LDAP, AD, MySQL, RADIUS) where the user accounts are stored. These user accounts will be stored based on user-groups and can be used to enforce policies within the network per user type. This would be the ideal scenario for contractors, temporary workers, etc. For regular guest users, it is recommended to utilize guest access system and enforce regular guest policies. They all can connect to the same guest SSID, saving air-time.
Q: How do you import guest user accounts in large chunks?
A: It is possible to import from XLS and CSV. Guest user accounts can be created automatically and emailed. They can be sent using SMS if the imported data contains mobile phone numbers of the guests. Time period for network access can be defined during the upload.
Q: Can I drop iOS devices on different VLANs to limit Bonjour traffic to a single L2 domain?
A: Device type can be identified dynamically by the infrastructure or the guest access system. Based on that dynamic VLAN assignments can put all iOS devices into the same L2 domain - enabling iOS users to stay within the same L2 domain, able to communicate with each other.
Standby for more notes from Gary's demo :)
01-24-2012 04:49 PM
Unified wireless and wired presentation is next. Gary is on the stage with Greg Pifer (aka. gpifer) talking about extending wireless policies to wired (yes you read that right) and enforcing 802.1x / web authentication on the wired as well. Looking at the discussions in the room, folks are interested in user and device (mostly device) based policy enforcement on the wired networks... printers, gaming consoles, window PCs automatically identified, assigned a different firewall policies or VLANs.
Q: What type of devices can you detect and enforce policies for?
A: Type of device can be detected using Aruba S3500 - printer, gaming console, windows XP, windows 7, etc. The version of the OS on the device can be detected for monitoring purposes but policies will be enforced based on device type. Firewall policies can be enforced based on device type or user role or both.
Q: How do you integrate wireless and wired policies?
A: By managing both wired access switches and wireless access points by a centralized Aruba Mobility Controller which integrates with the same AAA infrastructure and enforces the same firewall rules (per user and device) on wired or wireless. Wired and wireless clients can be on the same or different VLANs.
01-24-2012 10:42 PM
Alright we did not have enough time to complete the BYOD demo so I do not have much to report on that piece... but I have had a lot of interesting conversations with many attending the event. I should highlight that one of the attendees was Al, who happens to be Aruba's first customer - ever! Yes, he is the first one out of 17000+ today... was great to meet him again. I have managed to put him on camera too for an expert video recording but my iPhone4S decided not to record his voice during the interview - and I managed not to check right after recording (I know, rookie mistake).
More details on the blog later but some of the discussion topics during our face-to-face conversations covered:
- Outdoor wireless mesh for video surveillance
- Accessing VDI over wireless in the campus, at home and on the plane! (no joke)
- Remote access points with 3G or satellite backhauls at temporary work locations
- How to handle a major transition - from hotspot type coverage for guests to pervasive Wi-Fi for BYOD?
- Guest access with self-registration and audit-trail instead of relying on PSK
Certainly we packed a lot of good discussion into 3 hours in Long Beach today. Looking forward to Thursday in San Diego!
01-25-2012 09:44 AM
Thanks for hosting!
It was great seeing everyone again, and the Long Beach event was very informative.
Big fan of both Greg and Gary... awesome Aruba team in SoCal for sure!
Wireless Network Engineer