What's New in this Release

This section lists the new features, enhancements, or hardware platforms introduced in ArubaOS 8.6.0.0.

New Features

Table 1: New Features in ArubaOS 8.6.0.0

Enhancements

Description

AP Conversion

A new command, ap convert, is introduced to convert Campus APs or Remote APs to Instant APs. You can convert the APs, AP lists, or AP groups using local-flash or local image server options like ftp, tftp, http, https, or scp by copying the downloaded image from Aruba support to the local ftp/tftp/scp server.

AP Fast Recovery

The 530 Series and 550 Series APs support fast recovery process in the affected radio when there is a firmware assert.

BSS color and BSS Color Switch Count

The Aruba 802.11ax-based access points like AP-505, AP-515, AP-534. AP-535, and AP-555 support BSS Basic Service Set. A BSS is a set of interconnected stations that can communicate with each other. BSS can be an independent BSS or infrastructure BSS. An independent BSS is an ad hoc network that does not include APs, whereas the infrastructure BSS consists of an AP and all its associated clients. coloring mechanism. You can set the number of times the BSS Basic Service Set. A BSS is a set of interconnected stations that can communicate with each other. BSS can be an independent BSS or infrastructure BSS. An independent BSS is an ad hoc network that does not include APs, whereas the infrastructure BSS consists of an AP and all its associated clients. color switch announcements are sent in beacons before switching to a new color.

Bulk Configuration of Stand-alone Controller Deployment

ArubaOS supports bulk configuration of stand-alone controllers by replacing the configuration files in the stand-alone controllers and rebooting them.

Centralized Licensing Support for IPv6

ArubaOS supports the centralized licensing feature in an IPv6 network, where both license servers and license clients contain IPv6 addresses configured on the managed device. The managed device containing IPv4 or IPv6 address acts as the license client and communicates with the license server containing IPv6 address to obtain the available licenses.

Configuring Destination Port for Syslog Server

Users can configure the destination port for syslog server by navigating to Configuration > System > Logging in the Managed Network node hierarchy.

Configuration Using APIs

ArubaOS supports a config replace API Application Programming Interface. Refers to a set of functions, procedures, protocols, and tools that enable users to build application software., which is used to configure a node or device with specific configurations.

Custom SIP

Custom SIP Session Initiation Protocol. SIP is used for signaling and controlling multimedia communication session such as voice and video calls. classifies and prioritizes the SIP Session Initiation Protocol. SIP is used for signaling and controlling multimedia communication session such as voice and video calls. media traffic that is compliant with SIP Session Initiation Protocol. SIP is used for signaling and controlling multimedia communication session such as voice and video calls. protocol but uses non-standard port for SIP Session Initiation Protocol. SIP is used for signaling and controlling multimedia communication session such as voice and video calls. signaling.

Downloading Log Files

Users can download the log files of Flash file system, Startup configuration and Running configuration to their local system by navigating to Diagnostics > Technical Support > Copy files under Mobility Master node hierarchy.

Enhancements to EST Profile

The following EST enhancements can be configured by the user:

User name and password for EST authentication.

Organizational Unit Name.

Arbitrary levels for EST enrollment and re-enrollment.

Change the username/password and challenge password field without de-activating and re-activating the EST profile.

Enhancements to AP-325 and AP-335 access points.

AP-325 and AP-335 access points can now detect LTE Long Term Evolution. LTE is a 4G wireless communication standard that provides high-speed wireless communication for mobile phones and data terminals. See 4G.-U signals in the WLAN Wireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection. spectrum.

Enhancements to 510 Series access points.

The 510 Series campus APs Campus APs are used in private networks where APs connect over private links (LAN, WLAN, WAN or MPLS) and terminate directly on controllers. Campus APs are deployed as part of the indoor campus solution in enterprise office buildings, warehouses, hospitals, universities, and so on. now support the following features:

512 client support

DL-MU-MIMO Multi-User Multiple-Input Multiple-Output. MU-MIMO is a set of multiple-input and multiple-output technologies for wireless communication, in which users or wireless terminals with one or more antennas communicate with each other.

Spectrum analysis

BSS Basic Service Set. A BSS is a set of interconnected stations that can communicate with each other. BSS can be an independent BSS or infrastructure BSS. An independent BSS is an ad hoc network that does not include APs, whereas the infrastructure BSS consists of an AP and all its associated clients. coloring support

Enhancements to 530 Series and 550 Series access points.

The 530 Series and 550 Series campus APs Campus APs are used in private networks where APs connect over private links (LAN, WLAN, WAN or MPLS) and terminate directly on controllers. Campus APs are deployed as part of the indoor campus solution in enterprise office buildings, warehouses, hospitals, universities, and so on. now support the following features:

3G Third Generation of Wireless Mobile Telecommunications Technology. See W-CDMA. / 4G Fourth Generation of Wireless Mobile Telecommunications Technology. See LTE. USB Universal Serial Bus. USB is a connection standard that offers a common interface for communication between the external devices and a computer. USB is the most common port used in the client devices. modems

Wi-Fi Wi-Fi is a technology that allows electronic devices to connect to a WLAN network, mainly using the 2.4 GHz and 5 GHz radio bands. Wi-Fi can apply to products that use any 802.11 standard. Hotspot Hotspot refers to a WLAN node that provides Internet connection and virtual private network (VPN) access from a given location. A business traveler, for example, with a laptop equipped for Wi-Fi can look up a local hotspot, contact it, and get connected through its network to reach the Internet.

1024 client support

Spectrum analysis

Real Time Protocol Analysis (RTPA) support

Enhancements to 550 Series access points

ArubaOS supports tri-radio mode in 550 Series access points. In Split 5 GHz Gigahertz. or tri-radio mode, radio 0 will operate in lower 5 GHz Gigahertz. band Band refers to a specified range of frequencies of electromagnetic radiation. range scanning channel 36-64 and radio 2 will operate in upper 5 GHz Gigahertz. band Band refers to a specified range of frequencies of electromagnetic radiation. scanning channel 100-165. Radio 1 will operate in full 2.4 GHz Gigahertz. band Band refers to a specified range of frequencies of electromagnetic radiation. scanning channel 1-13. Tri-radio mode supports the following features:

ClientMatch

Station Management

AirMatch

SAPD/SAPM

Spectrum Analysis

Cluster

MultiZone

Mesh

Firmware

Configuring IoT Transport Profile

ArubaOS allows configuration of IoT Internet of Things. IoT refers to the internetworking of devices that are embedded with electronics, software, sensors, and network connectivity features allowing data exchange over the Internet. transport profiles through the WebUI.

IoT Support for ABB Sensor

ArubaOS supports the ABB ability smart sensors and forwards the IoT Internet of Things. IoT refers to the internetworking of devices that are embedded with electronics, software, sensors, and network connectivity features allowing data exchange over the Internet. data from these sensors over Telemetry-HTTPS Hypertext Transfer Protocol Secure. HTTPS is a variant of the HTTP that adds a layer of security on the data in transit through a secure socket layer or transport layer security protocol connection. and Telemetry-websocket server types.

IoT Support for AmberBox Sensor

ArubaOS supports the AmberBox detectors and gateways Gateway is a network node that allows traffic to flow in and out of the network. that connect to a USB Universal Serial Bus. USB is a connection standard that offers a common interface for communication between the external devices and a computer. USB is the most common port used in the client devices.  port on an AP. The AP relays the traffic from the AmberBox detector or gateway Gateway is a network node that allows traffic to flow in and out of the network. to a destination server.

IoT Support for MySphera Tag

ArubaOS supports MySphera tags that provide BLE Bluetooth Low Energy. The BLE functionality is offered by Bluetooth® to enable devices to run for long durations with low power consumption.-based asset tracking services.

IoT Support for Nordic Zigbee USB Dongle

ArubaOS supports Nordic Zigbee USB Universal Serial Bus. USB is a connection standard that offers a common interface for communication between the external devices and a computer. USB is the most common port used in the client devices.  dongle to provide IoT Internet of Things. IoT refers to the internetworking of devices that are embedded with electronics, software, sensors, and network connectivity features allowing data exchange over the Internet. services on APs which do not have an integrated Zigbee radio.

IoT Support for Proxy Server

ArubaOS supports proxy server that can receive and relay IoT Internet of Things. IoT refers to the internetworking of devices that are embedded with electronics, software, sensors, and network connectivity features allowing data exchange over the Internet. data to its final destination.

IoT Support for Wi-Fi RTLS and BLE Telemetry Streams

The Wi-Fi Wi-Fi is a technology that allows electronic devices to connect to a WLAN network, mainly using the 2.4 GHz and 5 GHz radio bands. Wi-Fi can apply to products that use any 802.11 standard. RTLS Real-Time Location Systems. RTLS automatically identifies and tracks the location of objects or people in real time, usually within a building or other contained area. and BLE Bluetooth Low Energy. The BLE functionality is offered by Bluetooth® to enable devices to run for long durations with low power consumption. telemetry streams are combined into a single telemetry stream in the IoT Internet of Things. IoT refers to the internetworking of devices that are embedded with electronics, software, sensors, and network connectivity features allowing data exchange over the Internet. transport profile.

IoT Vendor Filter

ArubaOS supports a vendor filter that can be either the vendor name or vendor ID of an IoT Internet of Things. IoT refers to the internetworking of devices that are embedded with electronics, software, sensors, and network connectivity features allowing data exchange over the Internet. device.

IPv6 Support for Mobility Master Redundancy Methods

ArubaOS provides IPv6 support for Mobility Master’s Layer-2 and Layer-3 redundancy configuration, as well as establishes communication between Mobility Masters and managed devices using VPNC. This feature allows seamless migration of network infrastructure to IPv6 without compromising the Mobility Master redundancy.

Increase in global ap table size

ArubaOS supports an increase in global ap table size to ensure that the users can view all the APs operating in a dense environment and detect or monitor more number of rogue BSSID Basic Service Set Identifier. The BSSID identifies a particular BSS within an area. In infrastructure BSS networks, the BSSID is the MAC address of the AP. In independent BSS or ad hoc networks, the BSSID is generated randomly. entries.

Increase in cluster node size for Remote APs

ArubaOS supports up to a 12 node cluster for Remote APs. Now, the Remote APs can terminate on a cluster with more than 4 nodes.

IPsec Tunnels using GCM ciphers

IPsec Internet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session. tunnels can be now established between managed devices and APs using GCM ciphers.

Managing AP Whitelists

ArubaOS provides support for ClearPass Policy Manager to whitelist Remote APs in a cluster environment.

Managing Blacklisted Clients

Users can manage blacklisted clients in both stand-alone controllers and Mobility Masters using the WebUI. ArubaOS now forwards the client blacklist to the database of all the managed devices in a Mobility Master.

Multi Band Operation (MBO)

ArubaOS provides Agile Multiband support on 802.11ax capable APs. MBO enables the network to utilize the available spectrum efficiently, and helps in optimizing connectivity experience for the end-users.

Uplink Routing using Nexthop Lists

ArubaOS supports IPv6 address for next-hop lists in policy-based routing.

Per-Command Authorization for Management Users

ArubaOS supports per-command authorization for management users with TACACS+ Terminal Access Controller Access Control System+. TACACS+ provides separate authentication, authorization, and accounting services. It is derived from, but not backward compatible with, TACACS.  servers running on ClearPass Policy Manager. This feature gives flexibility in determining commands to be allowed for each management user at each configuration node.

Role-Based ACL

Role- based ACL Access Control List. ACL is a common way of restricting certain types of traffic on a physical port. can now be applied to users in different controllers by configuring a policy domain group profile.

Spoofed Deauth Blacklisting

The spoofed deauth blacklist feature is not supported.

Support for TEAP Tunnel Extensible Authentication Protocol (TEAP) is a tunnel-based EAP method that enables secure communication between a peer and a server by using the Transport Layer Security (TLS) protocol to establish a mutually authenticated tunnel. Within the tunnel, TLV objects are used to convey authentication-related data between the EAP peer and the EAP server. Authentication Method

Starting from version 8.6.0.0, ArubaOS supports Tunnel Extensible Authentication Protocol (TEAP Tunnel Extensible Authentication Protocol (TEAP) is a tunnel-based EAP method that enables secure communication between a peer and a server by using the Transport Layer Security (TLS) protocol to establish a mutually authenticated tunnel. Within the tunnel, TLV objects are used to convey authentication-related data between the EAP peer and the EAP server.), a tunnel-based EAP Extensible Authentication Protocol. An authentication protocol for wireless networks that extends the methods used by the PPP, a protocol often used when connecting a computer to the Internet. EAP can support multiple authentication mechanisms, such as token cards, smart cards, certificates, one-time passwords, and public key encryption authentication.  method that enables secure communication between a peer and a server by using the Transport Layer Security (TLS Transport Layer Security. TLS is a cryptographic protocol that provides communication security over the Internet. TLS encrypts the segments of network connections above the Transport Layer by using asymmetric cryptography for key exchange, symmetric encryption for privacy, and message authentication codes for message integrity. ) protocol to establish a mutually authenticated tunnel. Within the tunnel, TLV Type-length-value or Tag-Length-Value. TLV is an encoding format. It refers to the type of data being processed, the length of the value, and the value for the type of data being processed. objects are used to convey authentication-related data between the EAP Extensible Authentication Protocol. An authentication protocol for wireless networks that extends the methods used by the PPP, a protocol often used when connecting a computer to the Internet. EAP can support multiple authentication mechanisms, such as token cards, smart cards, certificates, one-time passwords, and public key encryption authentication.  peer and the EAP Extensible Authentication Protocol. An authentication protocol for wireless networks that extends the methods used by the PPP, a protocol often used when connecting a computer to the Internet. EAP can support multiple authentication mechanisms, such as token cards, smart cards, certificates, one-time passwords, and public key encryption authentication.  server.

Support for stateful failover for roaming clients

Starting from ArubaOS 8.6.0.0, during a UAC failure, hitless failure of high-value application traffic such as voice is supported when the client roams between BSSIDs Basic Service Set Identifier. The BSSID identifies a particular BSS within an area. In infrastructure BSS networks, the BSSID is the MAC address of the AP. In independent BSS or ad hoc networks, the BSSID is generated randomly..

Support for new 4G Fourth Generation of Wireless Mobile Telecommunications Technology. See LTE. modems on Remote APs

Remote APs support the use of Inseego Skyus SC4 USB Universal Serial Bus. USB is a connection standard that offers a common interface for communication between the external devices and a computer. USB is the most common port used in the client devices. 4G Fourth Generation of Wireless Mobile Telecommunications Technology. See LTE. modems to provide internet backhaul on a network.

Support for Enhanced Open Security in Decrypt-Tunnel Mode

ArubaOS supports enhanced open security in decrypt tunnel mode for all access points and managed devices.

Support for WPA3 in Decrypt-Tunnel Mode

ArubaOS supports WPA3 in decrypt tunnel mode for all access points and managed devices.

SES-Imagotag Cloud TLS Authentication

ArubaOS allows an AP with ESL USB Universal Serial Bus. USB is a connection standard that offers a common interface for communication between the external devices and a computer. USB is the most common port used in the client devices.  dongle to connect to the SES cloud by using TLS Transport Layer Security. TLS is a cryptographic protocol that provides communication security over the Internet. TLS encrypts the segments of network connections above the Transport Layer by using asymmetric cryptography for key exchange, symmetric encryption for privacy, and message authentication codes for message integrity.  authentication.

Hanshow ESL Gateway

Hanshow ESL gateway Gateway is a network node that allows traffic to flow in and out of the network. provides electronic shelf label services.

WebRTC Prioritization

WebRTC prioritization prioritizes the media traffic from WebRTC sources and provides better end user experience, dashboard visibility of all WebRTC applications like voice, video, and application sharing, and call quality monitoring for audio calls.

ZTP using DHCPv6 options

DHCPv6 options help ZTP Zero Touch Provisioning. ZTP is a device provisioning mechanism that allows automatic and quick provisioning of devices with a minimal or at times no manual intervention. managed devices get master information when the users are unable to use Activate. Option 16 provides vendor information and the Option 17 provides information such as master IPv6 address, VPNC information, and so on.

Table 2: New Hardware Platforms in ArubaOS 8.6.0.0

 

Check with your local Aruba sales representative on new managed devices and access points availability in your country.

Hardware

Description

500 Series campus access points

The 500 Series campus access points (AP-504 and AP-505) are high-performance, dual-radio wireless devices that can be deployed in either controller-based (ArubaOS) or controller-less (Aruba Instant) network environments. These APs deliver high performance concurrent 2.4 GHz Gigahertz. and 5 GHz Gigahertz. 802.11ax Wi-Fi Wi-Fi is a technology that allows electronic devices to connect to a WLAN network, mainly using the 2.4 GHz and 5 GHz radio bands. Wi-Fi can apply to products that use any 802.11 standard. (Wi-Fi Wi-Fi is a technology that allows electronic devices to connect to a WLAN network, mainly using the 2.4 GHz and 5 GHz radio bands. Wi-Fi can apply to products that use any 802.11 standard. 6) functionality with 2x2 MU-MIMO Multi-User Multiple-Input Multiple-Output. MU-MIMO is a set of multiple-input and multiple-output technologies for wireless communication, in which users or wireless terminals with one or more antennas communicate with each other. technology.

The APs provides the following capabilities:

IEEE Institute of Electrical and Electronics Engineers. 802.11a 802.11a provides specifications for wireless systems. Networks using 802.11a operate at radio frequencies in the 5 GHz band. The specification uses a modulation scheme known as orthogonal frequency-division multiplexing (OFDM) that is especially well suited to use in office settings. The maximum data transfer rate is 54 Mbps., IEEE Institute of Electrical and Electronics Engineers. 802.11b 802.11b is a WLAN standard often called Wi-Fi and is backward compatible with 802.11. Instead of the Phase-Shift Keying (PSK) modulation method used in 802.11 standards, 802.11b uses Complementary Code Keying (CCK) that allows higher data speeds and makes it less susceptible to multipath-propagation interference. 802.11b operates in the 2.4 GHz band and the maximum data transfer rate is 11 Mbps., IEEE Institute of Electrical and Electronics Engineers. 802.11g 802.11g offers transmission over relatively short distances at up to 54 Mbps, compared with the 11 Mbps theoretical maximum of 802.11b standard. 802.11g employs Orthogonal Frequency Division Multiplexing (OFDM), the modulation scheme used in 802.11a, to obtain higher data speed. Computers or terminals set up for 802.11g can fall back to speed of 11 Mbps, so that 802.11b and 802.11g devices can be compatible within a single network., IEEE Institute of Electrical and Electronics Engineers. 802.11n 802.11n is a wireless networking standard to improve network throughput over the two previous standards, 802.11a and 802.11g. With 802.11n, there will be a significant increase in the maximum raw data rate from 54 Mbps to 600 Mbps with the use of four spatial streams at a channel width of 40 MHz., IEEE Institute of Electrical and Electronics Engineers. 802.11ac 802.11ac is a wireless networking standard in the 802.11 family that provides high-throughput WLANs on the 5 GHz band., and IEEE Institute of Electrical and Electronics Engineers. 802.11ax operation as a wireless access point

Compatibility with IEEE Institute of Electrical and Electronics Engineers. 802.3af 802.3af is an IEEE standard for Power over Ethernet (PoE) version that supplies up to 15.4W of DC power. See PoE. PoE Power over Ethernet. PoE is a technology for wired Ethernet LANs to carry electric power required for the device in the data cables. The IEEE 802.3af PoE standard provides up to 15.4 W of power on each port.

Integrated BLE Bluetooth Low Energy. The BLE functionality is offered by Bluetooth® to enable devices to run for long durations with low power consumption. radio

For complete technical details and installation instructions, see Aruba 500 Series Campus Access Points Installation Guide.

New Commands in ArubaOS 8.6.0.0