The broadcast filtering option does not require the Policy Enforcement license. It will drop all traffic besides ARP, and DHCP, yes. Clients will be able to discover and communicate with each other without the firewall license to block them, yes.
Our limitations includes but is not limited to:
1: Thin lines to Data Center
2: Some locations uses Local Internet access lines
3: Advanced individial routing and filtering needs on each location that is already present in the localtion Coreswitch.
4: Everything is already set up, and due to man hours and management we need a plug and play drop in solution where we pull out the existing AP's and replace them with Aruba.
1. Understood. If you do not have bandwidth to the datacenter and the controller is not onsite, you don't want to trunnel the traffic back. There are situations where if you have enough access points at a location you would want a controller there so that a site does not rely on the datacenter for management of those devices.
2. If you had a controller at that site, it would be able to provide the advanced routing that you need, including local internet and a guest captive portal, which bridging traffic would not be able to provide; it depends on your need.
3. Understood
4. Understood
If you can, please work with a local Aruba Var/ SE, because I am only giving advice based on what you tell me, and I cannot see the full picture.