Campus Switching and Routing

Reply
MVP
Posts: 2,948
Registered: ‎10-25-2011

Aruba Switch Custumers opinion

Hello everyone

I would like to know of custumers here having arubaswithces

What are the best things of having them? maybe a top 5?

 

And the other quetion how it was decided that it was the better option for your company in which you work?

 

Cheers

Carlos

----------------------------------------------------
Product Manager - Aruba Networks
Alternetworks Corp
Guru Elite
Posts: 8,325
Registered: ‎09-08-2010

Re: Aruba Switch Custumers opinion

- user roles
- full feature set without licenses (example: routing)
- stateful ACLs
- 10G uplinks and different stacking options
- configuration "groups"

Also, it's very difficult to find a full Gigabit, PoE switch with 10G
uplinks at the same price point of the MAS, not even taking into account
all of the layer 3-7 features built in.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
MVP
Posts: 1,110
Registered: ‎10-11-2011

Re: Aruba Switch Custumers opinion

[ Edited ]

We recently made the decision to purchase Aruba switches and swap out our Cisco Catalyst's where possible.  We've deployed a few stacks at a sister-company and are pretty happy with the results.  There was definitely a learning curve due to the use of interface groups and profiles, but once you get the hang of it it's not that bad. We've bought both the 2500s and 3500s (fully loaded) and I'm happy with both models so far.

 

Things I like:

 

Price considering all the stuff you get (10G connectivity, L3 features, no stinking licenses *ahem Cisco*)

Using interface groups and profiles (both a love and hate relationship)

User roles

Simpler AAA config

Front menu panel

 

We decided to try out the Aruba switches for a couple of reasons:

 

Price

Wanting to break from the status quo and try something new/different

We're moving to an all-wireless office model and big, expensive switches are becoming less necessary at the edge.  Because of this, we felt comfortable taking a chance with a different vendor.

Finally, we've been working at simplifying our network infrastructure, and found that the Aruba switches allowed us to simplify our edge switching.

=======================================
If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users.
MVP
Posts: 2,948
Registered: ‎10-25-2011

Re: Aruba Switch Custumers opinion

Hello Compnerd

It seems interesting that about hte profiles...

It seems it would be easier for an administrator point of view to configure it...

 

Correct me if im wrong(i dont have a MAS yet so im unable to test myselft)

As you can have a profile defined on your switch you can actually have a profile for Voice(put the vlan, and the QoS) a profile for Wired Users a profile for X thing)

Then for the admistrator ponit of view, if he is deploying a new iphone he put the profile to the port he is connecting it and thats it!.

 

You can actually have a DHCP server point a  TFTP server for a initial config for the switch,   in which it would have all the profiles!, in that initial config.

If a new switch comes it will automatically have all the profiles, actually the admin will just have to plug it in and thats it.   it looks really time saving, if you do it properly

 

By any chance can you select the profiles of a port on the web gui of the MAS? for some reason many of our clients like using the webgui to configure switches...

 

What is hte experience for your  siter company about this???

 

It would be a way more simple with the ArubaStack! but, not always will have the oportunity to have an arubastack...

 

Cheers

Carlos

----------------------------------------------------
Product Manager - Aruba Networks
Alternetworks Corp
MVP
Posts: 1,110
Registered: ‎10-11-2011

Re: Aruba Switch Custumers opinion

Carlos,

 

Yes, you would create a voip profile for the voice VLAN and a switching profile for an access port.  There are several other types of interface profiles: dhcp relay, ethernet link, GVRP, IGMP, LACP, LLDP, MSTP, POE, port security, VPST,  etc.  All of these profiles are assigned to an "interface group".  Interface groups are a collection of the interface profiles that you want to apply to your ports.  Assuming you have many ports that can be configured identically, you would create all of your profiles, then assign them to your interface group. Then, you go into the interface group and apply it to the ports.  If you ever need to modify one of these interface profiles in the group, you just modify the profile and the change is applied to all of the ports in the group.

 

TFTP is one way to send the startup config to the switch.  You can also use Airwave to do it.  The most recent versions of Airwave support MAS configuration.

 

The GUI doesn't have full functionality.  You can create most profiles through the GUI, including switching profile, but not a voice profile. CLI is your best bet for apply profiles to your ports.  I really wish Aruba would've developed the GUI more considering the GUI for the controllers is so functional.

 

Overall experience is very positive.  The latest MAS OS release is really good  Added a ton of new features.

=======================================
If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users.
MVP
Posts: 2,948
Registered: ‎10-25-2011

Re: Aruba Switch Custumers opinion

[ Edited ]

Thats nice... the concept is really familiar to me as in our company we sell Fortigates, and tahst the cocepts they use(not for the interfaces(i mean for the firewall rules)

The best thing about this is that almost all our custumers got Fortigates and they are familiar with that concept, and fortinet is sold here but ALOT so most of the possible clients will be already familiar with this concept.

 

The only thing i wanted to know is if you were able to pick the profile from gui like in a drop down???? can you??

 

About creating the profiles i would expect retriving all the profiles the clients needs and create it for them. 

The idea behind all this is making the client know that managing mas is a WAY more simple than any other switch solution.  It just take you to select from the drop down in the GUO the profile you need in the port.

 

And for the first time config, he will autoconfigure itselft, so everything is SIMPLE!!!!
But i need to show this to the client. 

MAS is expensive(if you compare it with HP switches which are the switches that most of companies use here) but if i can show them that they can reduce their Operational cost in the switch configuration and also in the modification it can help.

 

About the airwave i know already about that, but a few clients got airwave... so i would need to go with the DHCP in them.

 

Im Already waiting for my Demo MAS to reach here! i really want to start testing and start giving demos of all this.

 

Cheers

Carlos

----------------------------------------------------
Product Manager - Aruba Networks
Alternetworks Corp
MVP
Posts: 1,110
Registered: ‎10-11-2011

Re: Aruba Switch Custumers opinion

You can apply profiles to ports from the GUI using a drop-down, but not all profiles are available in the GUI.  Also, you can't apply an interface group to a port which really makes the GUI useless, IMO.

=======================================
If a reply adequately addresses your issue, please click on the "Accept as Solution" and "Give Kudos" button so this information can benefit other users.
MVP
Posts: 2,948
Registered: ‎10-25-2011

Re: Aruba Switch Custumers opinion

Really? how come you can assign a single profile but you cannot assign a group of profiles with interface group?? it makes no sense... And im aggree with you, it makes it useless...

Most o f the clients will like to manage it to GUI but they wont be able as they cannot select the interface group in there...

 

Ill post your idea on the partner on the enhanced request feature partners got.  They maybe will change that on the upcoming realeases if the idea gets really popular.

 

Last question

All these GVRP, IGMP, LACP, LLDP, MSTP, POE, port security, VPST interfaces profiles are default ones that comes already configured?

 

Cheers

CArlos

----------------------------------------------------
Product Manager - Aruba Networks
Alternetworks Corp
Guru Elite
Posts: 8,325
Registered: ‎09-08-2010

Re: Aruba Switch Custumers opinion

Also remember that in combination with ClearPass, your switch config can be very basic because all of your policy decision (VLAN, role, etc) can come down from ClearPass.

 

99% of our ports on campus are configured with a single generic untrusted interface group.

 

interface-group gigabitethernet "ACCESS-PORT-UNTRUSTED-GROUP-B"
   apply-to 0/0/0-0/0/47,1/0/0-1/0/47,2/0/0-2/0/47,3/0/0-3/0/47,4/0/0-4/0/23,5/0/0-5/0/23,6/0/0-6/0/23,7/0/0-7/0/23
   poe-profile "POE-PROFILE-B"
   aaa-profile "UNTRUSTED-AAA-PROFILE-B"
   port-security-profile "PORT-SECURITY-B"
   no trusted port
!

 


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Guru Elite
Posts: 8,325
Registered: ‎09-08-2010

Re: Aruba Switch Custumers opinion

[ Edited ]

Also remember that AirWave has a configuration GUI for the switch which is much more scalable.

 

 

"Last question

All these GVRP, IGMP, LACP, LLDP, MSTP, POE, port security, VPST interfaces profiles are default ones that comes already configured?"


Most of those profiles have a default.


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Search Airheads
Showing results for 
Search instead for 
Did you mean: