Aruba vs. Ruckus
Last Post: August 19, 2011:
Looking for some expert insight from customers and or opinions on these two vendors.
We are looking at these two vendors for our University's wireless solution. I've found 2.4GHz SNR coverage to be much better with Ruckus 7363 APs than Aruba's 105 APs, but marginally worse than Aruba in the 5GHz spectrum. In most places we are seeing an SNR of over 30 for Aruba APs in 2.4GHz and over 35 in 5GHz. With Ruckus we are seeing an SNR of over 40 in 2.4GHz and over 30 in 5GHz. This testing was done in a typical four floor dorm with APs mounted in the hallway with no students and their stuff in their dorm rooms.
85% of our clients last semester were still 2.4GHz. We did not have any band steering capability for our existing Cisco WLAN till a controller upgrade this summer so hopefully we can push more clients to 5GHz this semester.
Aruba has many more features built into their controller than does Ruckus. One such feature that we may find useful is client fingerprinting for identifying gaming stations and other non-802.1x capable clients.
Ruckus concerns us a little as their HigherEd penetration seems to be pretty small, but their APs look to perform extremely well in our environment according to our limited tests. Whereas Aruba has a large presence in HigerEd and their 105 APs perform maybe not quite as good but still well. From the research and testing I've done my conclusion is: Ruckus seems to give us a better L1 and L2 foundation whereas Aruba provides a ton of features in the core.
First, let me give full disclosure and tell you that I work for Ruckus however, I'll be very objective and oddly enough, Ruckus allows me to be this way.
If you examine the roots of both companies you will see their strengths.
Aruba is the leader in wired security integration with Wi-Fi. Now, most would say that Aruba is the leader in Wi-Fi security but there is something to consider there; all Wi-Fi security is the same. It's been standardized since 2004 with 802.11i and all of us can only use the authentication and encryption that has been given to us by the IEEE and the Wi-Fi Alliance.
They offer a very strong firewall in their controller, much better than what Ruckus is doing now or has plans for in the future.
Ruckus's strength is in it's RF technology, also our roots. Your observations of better signal is just the tip of the iceberg in what Ruckus's antenna technology will provide. In short, fewer APs, less co-channel interference and increased radio capacity.
Tom's hardware recently did an extensive article comparing Aruba, Ruckus, Cisco, Meraki and HP. They put the 7363 (Ruckus mid-entry AP) against the top end of the other vendors. While Ruckus didn't win every test, we were very pleased with the results.
Controller technology is also a point of comparison.
Aruba's controllers are very strong and have lots of control but there is a disadvantage here. To achieve this, all of the traffic from a large network is tunneled through the controller. When this type of technology (centralized forwarding) was introduced, it made lots of sense. Wi-Fi wasn't very secure and speeds were slow so, push it all through the controller and improve security.
However, things have changed. One AP can push well over 300 Mbps of real data out the Ethernet port. Tunneling all of that to a 1 Gbps or even a 10 Gbps port doesn't make sense. Also, Wi-Fi security is very strong (7 years now without being cracked) so tunneling for the sake of security isn't required.
Ruckus's controllers give you the option of both centralized forwarding (e.g. guest traffic) and our normal operation of distributed forwarding where all data from the AP is just like any Ethernet device except VLAN tags etc can exist. This allows your strong switch network to carry the traffic without a central bottleneck.
We also have controller that can handle 1000 APs so large installations are not a problem.
One other sales pitch; FlexConnect - A student can take his or her iPad, iPhone etc and connect securely to the Wi-Fi network without IT staff intervention. Authenticated to your back end server and encrypted with AES and you didn't have to do anything. That is something only we are doing right now.
I'll leave you for now. If you have any questions, feel free to email me at email@example.com.
Thanks for taking the time to test Ruckus; we greatly appreciate it.
P.S. Since I'm also head training guy at Ruckus I have to say this; you can learn Ruckus gear in less than a day without ever stepping foot in a classroom.
Great question, and two great products. You have good timing... if you're not familiar with it, there's an email listserv for Educause just for WLANs. This month, one person asked about feedback for Ruckus and another person asked for feedback about Aruba. You can see what your university peers are saying about their experiences with these two vendors.
I think you're exactly right with your assessment that Ruckus is going to provide really solid L1 performance and ease of use, while Aruba is a solid product with the extra bells and whistles like PEF.
Without knowing your specific needs, I say you'll be happy with either, but I have to say that since I'm vendor-neutral. :)
Yep that was me posting to the WLAN list on Educause. I like to gather thoughts from various places. :)
I will add my 2 cents here. I would first, as GT did, do a full disclosure in that I work for an Aruba reseller. We do other things but I will say I have much less exposure to Ruckus than Aruba.
The first thing I would say is that we do a lot of design work for Universities and I know that you have one of the biggest challenges there mainly due to having buildings that are less than modern and not at all conducive to 802.11 propagation. I would caution you about planning to deploy your APs in hallways only (I know its a hassle to get into student dorms for maintenance) as typically with Aruba when all the APs can see each other down the hallway ARM tends to lower the power to avoid co-channel interference and this results in less signal into the dorms. The other thing I would point out is that focusing on SNR is not always a good way to figure out if one solution is better than another for your end use cases. I am not sure if you are aware of this, but the majority of client chipsets set the noise part of this to a completely made up number. This makes SNR not as useful. I would suggest using InSSIDer(windows) or Wifi Scanner(Mac) to get actual client RSSI levels to get a better idea of how your clients would see their connection.
Most deployments presently do not focus exclusively on signal strength as a measurement for designs as automated channel and power systems such as ARM in Aruba mean that the AP could be at variance with the design parameters. Typically Aruba will start out at 9dBm and go up from there adjusting to what is sees around it. I would also pay attention to what kinds of devices and applications will be using the WLAN as the difference between a 3x3:3 MacBook Pro and a 1x1:1 iPad is quite a lot.
I will agree with GT here in that Ruckus has the strong point in their RF technology and Aruba is more focused on security. The other vendor you don't mention who has a strong presence in education is Aerohive who's strength is their non-controller based design as well as specific applications focused on the education market.
I would additionally mention for an education institution such as yourself that one of Aruba's strengths in this market is not just their AP technology but that they have also build up a strong portfolio of supporting products around their core security design to provide things such as monitoring (with Airwave) that provides very detailed reporting and rogue detection, guest management (with Amigopod) and as you mentioned capabilities for device fingerprinting. I do believe, however, that more important than all of these useful features is to spend the time up front to get a solid site survey done and a tested design that you know is going to work in those difficult buildings that are made from brick all throughout or even worse chickenwire with plaster over top. Without this any vendor you award your deployment to will likely be less than satisfactory performance wise once the students return.
I appreciate your thoughts and your concerns are many of my concerns as well. Unfortunately it was decided, due to cost, that APs would be in the hallways. I can't change that so I have to work around that deficiency as best as I can. Any testing with any vendor was done with automatic power negotiation enabled except for Meru and Ruckus as they say they do not need to use this feature and I understand their reasoning on this to a point. So I'm primarily looking for the solution that best addresses the problems caused by us having to mount the APs in hallways.
Looks like time for me to kick in as well...
I have a bit of a unique perspective on this discussion. I've worked with as well as taught classes on Cisco, Aruba, Ruckus and Aerohive solutions. I also have experience installing many Wireless LAN's in higher ed situations.
And like the others who've already posted. I too work for a vendor. After 10+ years as a vendor neutral WLAN professional, I now choose to work for Aerohive.
First a couple of issues with the first initial post.
1 - try to NOT put the AP's in the hallways if at all possible. It causes too much co-channel interference.
2 - 30-35 dBm of SNR is more than sufficient - but like Chris said, use RSSI not SNR for analysis
3 - Design for *capacity* first - then coverage will be guaranteed
4 - I think your ratio of 2.4GHz only to 5GHz capable will change dramatically this coming semester
5 - Be sure to have minimum Cat5e cabling and use Gig ports rather than 10/100 to the AP's
6 - Know specifically your target device and its needs - design to those needs
Now on to the vendor bias stuff...
You might also want to look at Aerohive as an option. We have the Firewall and Security of an Aruba solution (our company history comes from NetScreen) and we support firewall policies and QoS policies at the edge.
Our new 3X3:3 AP's support three spatial streams - even though the bulk of your devices might not need or support that today, it puts you in a proactive situation - with better power amplifiers and the ability to 'listen' better.
Instead of requiring an archaic Controller based solution - where you are paying extra money for a piece of hardware, a spare piece of hardware for redundancy, and then even more money on feature licenses... an Aerohive solution only has two parts.
The Access Points share cooperative control between them using a [b]protocol[/b]. Protocols are how routers and switches do their thing. Can you imagine trying to build a controller to control router traffic on your campus. Of course not. You allow the OSPF (or whatever version you're using) to control inter-router organization and flow.
The same can be said about Aerohive's cooperative control Access Points. They just work together using a standard protocol.
The second part of our solution is NOT a controller, but a Management service that allow you easy access to manage your WLAN and garner reports and insight into your network. This service can be run on either a public cloud (our servers) or on your own private cloud (your servers).
This is quite simple. You put in an Aerohive Access Point - it finds its way to the management service and downloads it's profile and joins with its neighboring AP's to form a resilient, robust, and secure Wireless LAN for your clients.
Of course we support Meshing between AP's, Client fingerprinting, QoS at the edge, detailed and granular firewall policies at the edge, and all the other features you'd need in a robust solution. We just don't charge extra for those services, and you wouldn't have to pay all that extra money for controller hardware.
Like GT said - why not go with a solution where the client data drops directly to the network and doesn't have to 'trombone' back to the controller. (plus pushing 802.11 speeds, you'll never get the throughput with everything going to through the controller)
Aerohive has a very scalable solution. Not 'step functions' as you move from 500 to 501 AP's and have to purchase another controller (oh, and the second redundant controller since controllers are single point of failure) If you want more coverage, just add an additional Access Point. Simple!
If the links to your controller go down, both Ruckus and Aruba AP's stop working. But Aerohive has "Wi-Fi that Won't Die" (of course I had to get a Devinator quote in here somewhere)
Rather than have all the features you want at the 'Core' with an Aruba controller solution - you can get those same features at the 'edge' without the extra cost.
Rather than rely soley on the L1 features of Ruckus, with your density you don't need the extra 'throw' of a Ruckus access point. Especially when your target clients are low-powered mobile devices like a 1X1 iPad. The Ruckus beam forming is great for Transmitting data, but [b]does nothing for Receiving data[/b]. Just measuring and comparing the RSSI from a Ruckus AP doesn't tell you the net two-way throughput you could expect.
[i]We'd love to help with a Proof of Concept and have a chance to win your business.[/i]
Keith R. Parsons
Senior Wi-Fi Architect
As you can see already, every vendor has something special to offer and the addition to the thread (Aerohive) is no exception.
No one ever knows how good or bad something is until it is compared to another. All three vendors mentioned are great WLAN players and you would be happy with any of them.
What it will come down to is your personal preferences and what your priorities are. Given the strengths of these three vendors, here is an outlook that I think any objective Wi-Fi professional could agree with.
Build in firewall and policy control:
Controller fault tolerance:
Throughput and RF performance:
Ease of use:
To echo Keith's comments, we would also like you to try our gear and we encourage you to test Aerohive and Aruba. Let me know what you want and I'll get it to you. If you want to try it for 30-60 days in an entire building, we're fine with that. Also, please make it the worst Wi-Fi environment you can find. That's where we do best. :)
Discolsure: I sometimes work with an Aruba VAR post-installation and sometimes teach classes on Aruba. I also wrote a couple of vendor-neutral classes that use Ruckus.
I'm going to pass on giving an explicit recommendation. That said, Ruckus is all about downlink signal. Nobody is going to beat them if you're testing which vendor shows the highest SNR through a wall. Aruba is more of a full enterprise package. The device classification stuff is useful and you may end up liking the ability to apply different firewall policies to different user groups and device types.
GT, Keith, and Chris,
Does someplace like the UNH-IOL have your equipment to run tests with?
My company likes the idea of having some place like them perform its interoperability testing.
Even though there are security "standards", we have found that AP's are still different enough that we need to test with as many as we can. Mix in "roaming", and we find real disparity between different customers sites.