Aerohive, Big on Distinction (BoD)

Aerohive, Big on Distinction (BoD)

By CWNP On 11/17/2011 - 38 Comments

…or is it Branch on Demand (BoD)? Either way, Aerohive announced the birth of a new child in their product family: the branch router, or AP, or router, or AP router. It’s the offspring of their cloud management offering, their distributed wireless architecture, and their Pareto acquisition in early 2011. Call it a branch in a box, or something like that.

But, wireless networking for branches isn’t new. Aruba has mostly owned this market with their remote APs and mobility controllers. Organizations have enabled mobile employees with RAPs, which are inexpensive enough to be handed out like [sugar-free] lollipops at the dentist. Aruba’s previous competition in this market came mostly from Cisco’s overpriced and somewhat feature-depleted branch options. Meraki has also introduced a cloud-controlled branch routing experience much like what Aerohive is announcing, but have yet to integrate the wireless component with the router. Now, Aerohive is joining the scene with their distributed flavor of the branch experience.

That is, they’ve taken the Pareto routing portfolio and integrated it into APs (330 and 350), and the reverse. They’ve taken the Aerohive AP expertise and integrated it into two models of branch routers (BR100 and BR200). If there’s one word that constantly comes to my mind when I think of Aerohive, it is distributed. Their wireless is distributed, and now this leap into routing extends their distributed networking bag o’ tricks. I like Aerohive’s continuity and focus, largely because their distributed model is flexible and scalable.

The components of Aerohive’s BoD are three: branch routers/APs, HiveManager (management), and the Cloud VPN Gateway (VPN terminator). Management of routing is integrated with the same HiveManager instance as for AP management, using the same object-based platform to control and integrate wireless and routing policies. The Cloud VPN Gateway (CVG) is a VMware software platform designed to be easily expandable as a business or deployment grows, avoiding the stair-step hardware model. In keeping with their “licenses are mostly evil” theme, Aerohive licenses each BR100/BR200 to HiveManager, but for the CVG portion, there’s no per-AP or per-VPN licensing. Licensing simplicity is good for consumers.

Finally, Aerohive seems very excited about their Cloud Proxy feature and cloud security partnerships. Instead of building all of the L4-7 security features themselves, they’re leaning on cloud partnerships with Barracuda and Websense to offload and easily distribute web application security for branches. Admins configure proxies to the cloud-based services that specialize in advanced security services (policing/monitoring web application usage, detecting malware and spam).

What I Don’t Like
I feel the need to poke at their ribs a bit, because a few pieces of the announcement are a little underwhelming. For example, look at details like the AP component of the BR100; it’s a 1x1 11b/g/n radio. Yes, you can have 802.11n without MIMO, but it’s like a cake without frosting or ice cream. Also, some wireless features, like spectrum analysis and WIPS, are not supported due to processing limitations. In some ways, those feature exclusions are expected because of their requirements, but at the same time, remote troubleshooting and security monitoring are two massive advantages to distributed networking. It’s a shame to lose them.

Then other portions of the announcement feel a little rushed. For example, routing for APs comes with HiveOS 5.0, but 5.0 is only for the latest generation of APs. Sure, it’s a way to go-to-market NOW, but it may cause OS disparity between devices within the enterprise. Finally, the BR200 (3x3 11n, Gigabit Ethernet, etc.) is announced, but will not be released for several months in 2012. Perhaps it's all part of a drip release strategy.

Redemption
Perhaps a symbol and a two-digit number redeems the limitations: $99. Yes, the BR100 starts at* $99, with products shipping in mid-December. “Starts at” means you have to buy a bundle of 20 for that price, but for individual units, the BR100 is $199. Even though I feel a little marketed at (I know, marketing isn’t wrong) with the “starts at” thing, the price is still super affordable for a solid branch networking platform. And for the price, no other products offer the same features. Actually, for that price, no one comes anywhere near the same features.

They’re breaking the rules a little (APs are supposed to be Layer 2 devices!!!), but their BoD announcement should make wake. I’ll get my hands-on soon, and can offer more verified user details then, but for now, like usual, I’ll defer further details to their press release (link at bottom).

Final Comments and Suggestions
David “in like” Flynn (CEO) said that traditional enterprise architectures impede employee and company flexibility, and the corporate office is undergoing a decentralization. Now, I hate to paraphrase Aerohive’s CEO in my blog like a puppet, but I agree. I agree with the description of the problem. And I agree that Aerohive’s answers to networking challenges are on target. Simplify and centralize management, offer flexibility, and pile on value...there's a winner. I’m willing to sound like a paid-for (we don’t get paid for this in any way) parrot if I truly believe it. Other than my few gripes with their delivery, this BoD business maketh sense.

Blog Disclaimer: The opinions expressed within these blog posts are solely the author’s and do not reflect the opinions and beliefs of the Certitrek, CWNP or its affiliates.