Aruba Instant 8.6.0.0 Online Help Center Help Center
You are here: Home > Aruba Instant User Guide

Aruba Instant User Guide

This User Guide describes the features supported in Aruba Instant 8.x.x.x. This guide is intended for system administrators responsible for configuring and maintaining wireless networks and assumes administrator knowledge in Layer 2 and Layer 3 networking technologies.

What is New in the Release

This section lists the new features, enhancements, or hardware platforms introduced in Aruba Instant 8.6.0.0.

New Features and Hardware Platforms

Table 1: New Features in Instant 8.6.0.0

Feature

Description

Blacklisting Unauthorized Users

Unauthorized users trying to login to the network as an administrator using invalid credentials can be blacklisted and blocked from attempting further logins into the system. The number of allowed invalid login attempts and the lock out time period can be configured by the administrator. Enabling this feature enhances the security and prevents malicious login attempts into the network.

BSS Color feature for 510 Series,530 Series, and AP-555 Access Points

BSSBasic Service Set. A BSS is a set of interconnected stations that can communicate with each other. BSS can be an independent BSS or infrastructure BSS. An independent BSS is an ad hoc network that does not include APs, whereas the infrastructure BSS consists of an AP and all its associated clients.  coloring feature enhances the Wi-FiWi-Fi is a technology that allows electronic devices to connect to a WLAN network, mainly using the 2.4 GHz and 5 GHz radio bands. Wi-Fi can apply to products that use any 802.11 standard. experience by optimizing RFRadio Frequency. RF refers to the electromagnetic wave frequencies within a range of 3 kHz to 300 GHz, including the frequencies used for communications or Radar signals. usage in dense deployment scenarios. The BSSBasic Service Set. A BSS is a set of interconnected stations that can communicate with each other. BSS can be an independent BSS or infrastructure BSS. An independent BSS is an ad hoc network that does not include APs, whereas the infrastructure BSS consists of an AP and all its associated clients. color feature is supported with 510 Series, 530 Series, and AP-555 access points. The BSSBasic Service Set. A BSS is a set of interconnected stations that can communicate with each other. BSS can be an independent BSS or infrastructure BSS. An independent BSS is an ad hoc network that does not include APs, whereas the infrastructure BSS consists of an AP and all its associated clients.  color setting is available under WLANWireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection. SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. profile settings.

Configuring a Client Specific VLAN for IoT Telemetry Data

The IoTInternet of Things. IoT refers to the internetworking of devices that are embedded with electronics, software, sensors, and network connectivity features allowing data exchange over the Internet. telemetry data can now be isolated to a client specific VLANVirtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN..

 

Configuring Additional NTP Servers for Instant

Instant APs now supports configuration of up to 4 NTPNetwork Time Protocol. NTP is a protocol for synchronizing the clocks of computers over a network. servers for time synchronization. NTPNetwork Time Protocol. NTP is a protocol for synchronizing the clocks of computers over a network. servers are configured in the Configuration > System > General page.

Configuring Additional Syslog Servers for Instant

Instant APs now support up to 3 syslog servers.

Configuring Reconnect Duration for IAP-VPN Controller Failover

The connectivity between Instant AP and the controller is monitored by a heartbeat signal between the Instant AP and the controller. When the heartbeat fails the Instant AP fails over to the backup controller. The duration after which the Instant AP fails over to the backup controller in IAP-VPNVirtual Private Network. VPN enables secure access to a corporate network when located remotely. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security, and management policies of the private network. This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two. connections can now be configured by the administrator.

Configuring a Static IP Address with Two DNS Servers

When configuring a static IP address on an Instant AP, you can configure up to two DNSDomain Name System. A DNS server functions as a phone book for the intranet and Internet users. It converts human-readable computer host names into IP addresses and IP addresses into host names. It stores several records for a domain name such as an address 'A' record, name server (NS), and mail exchanger (MX) records. The Address 'A' record is the most important record that is stored in a DNS server, because it provides the required IP address for a network peripheral or element. Servers separated by a comma.

Enhancement for Authentication Survivability

The Authentication Survivability feature is now supported for clients authenticated with MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. authentication.

Enhancements for Wi-Fi Uplink

The Wi-FiWi-Fi is a technology that allows electronic devices to connect to a WLAN network, mainly using the 2.4 GHz and 5 GHz radio bands. Wi-Fi can apply to products that use any 802.11 standard. uplink feature now supports bridge mode using MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. Address Translation (MAT), 802.1X802.1X is an IEEE standard for port-based network access control designed to enhance 802.11 WLAN security. 802.1X provides an authentication framework that allows a user to be authenticated by a central authority. Authentication for 802.11ac802.11ac is a wireless networking standard in the 802.11 family that provides high-throughput WLANs on the 5 GHz band. AP platforms, IPv6 and Mesh configuration when 2.4 GHzGigahertz. bandBand refers to a specified range of frequencies of electromagnetic radiation. is used for uplink.

Fast Roaming with Mesh Access Points

Instant now supports fast roaming with mesh APs.

Hanshow ESL Gateway

Hanshow ESL gatewayGateway is a network node that allows traffic to flow in and out of the network. provides electronic shelf label services and is used to automate pricing updates.

Hardware Offloading for Increased Transmission Performance

The hardware offloading feature optimizes the transmission performance of access points by offloading established session flows to hardware forwarding from the datapath software. This feature is supported on AP-535 and AP-555 access points.

IoT Enhancements

A new filter called Vendor Filter is added based on vendor id or name.

A new payload content MySphera is introduced.

Support for AmberBox sensors is introduced.

The Wi-FiWi-Fi is a technology that allows electronic devices to connect to a WLAN network, mainly using the 2.4 GHz and 5 GHz radio bands. Wi-Fi can apply to products that use any 802.11 standard. RTLSReal-Time Location Systems. RTLS automatically identifies and tracks the location of objects or people in real time, usually within a building or other contained area. and BLEBluetooth Low Energy. The BLE functionality is offered by Bluetooth® to enable devices to run for long durations with low power consumption. telemetry streams are combined into a single telemetry stream in the IoTInternet of Things. IoT refers to the internetworking of devices that are embedded with electronics, software, sensors, and network connectivity features allowing data exchange over the Internet. transport profile.

Instant supports the ABB ability smart sensors and forwards the IoTInternet of Things. IoT refers to the internetworking of devices that are embedded with electronics, software, sensors, and network connectivity features allowing data exchange over the Internet. data from these sensors over Telemetry-HTTPSHypertext Transfer Protocol Secure. HTTPS is a variant of the HTTP that adds a layer of security on the data in transit through a secure socket layer or transport layer security protocol connection. and Telemetry-websocket server types.

Multi Band Operation (MBO)

Aruba Instant provides Agile Multiband support on 802.11ax capable APs. MBO enables the network to utilize the available spectrum efficiently, and helps in optimizing connectivity experience for the end-users.

Proxy Server Configuration for IoT Transport Profiles

A proxy server can be configured for IoTInternet of Things. IoT refers to the internetworking of devices that are embedded with electronics, software, sensors, and network connectivity features allowing data exchange over the Internet. transport profiles to receive IoTInternet of Things. IoT refers to the internetworking of devices that are embedded with electronics, software, sensors, and network connectivity features allowing data exchange over the Internet. data from the AP and relay them to its final destination.

Priority for Local Cache Authentication

Priority for Local Cache Authentication feature authenticates clients using the local cache of the AP before sending a RADIUSRemote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.  request to the server. This feature is supported for clients authenticated using MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. and 802.1X802.1X is an IEEE standard for port-based network access control designed to enhance 802.11 WLAN security. 802.1X provides an authentication framework that allows a user to be authenticated by a central authority. Authentication.

RADIUS Accounting with MPSK

Instant supports RADIUSRemote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.  accounting with multiple PSKs in conjunction with ClearPass Policy Manager for WPA2Wi-Fi Protected Access 2. WPA2 is a certification program maintained by IEEE that oversees standards for security over wireless networks. WPA2 supports IEEE 802.1X/EAP authentication or PSK technology, but includes advanced encryption mechanism using CCMP that is referred to as AES. PSKPre-shared key. A unique shared secret that was previously shared between two parties by using a secure channel. This is used with WPA security, which requires the owner of a network to provide a passphrase to users for network access. -based deployments. When RADIUSRemote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.  accounting is enabled and MPSK authentication is successful, the AP sends an accounting start message to the ClearPass Policy Manager server to gather the accounting updates. The accounting updates are periodically sent based on the time interval configured on the AP.

Support for SES-Imagotag Cloud TLS Authentication

Instant allows an AP with ESL USBUniversal Serial Bus. USB is a connection standard that offers a common interface for communication between the external devices and a computer. USB is the most common port used in the client devices.  dongle to connect to the SES cloud by using TLSTransport Layer Security. TLS is a cryptographic protocol that provides communication security over the Internet. TLS encrypts the segments of network connections above the Transport Layer by using asymmetric cryptography for key exchange, symmetric encryption for privacy, and message authentication codes for message integrity.  authentication.

Support for Wireless Client Bridging

Instant supports client bridging of wired networks over Wi-FiWi-Fi is a technology that allows electronic devices to connect to a WLAN network, mainly using the 2.4 GHz and 5 GHz radio bands. Wi-Fi can apply to products that use any 802.11 standard.. Users have to specify the maximum number IPv4 wired client users that can connect to the wireless client bridge.

Split 5 GHz Radio for 550 Series Access Points

The split 5 GHzGigahertz. radio is an Instant feature that leverages the power of software to provide three radios on 550 Series access points. The 8X8 5 GHzGigahertz. radio of these access points can be converted into two 4X4 5 GHzGigahertz. radios operating on the upper and the lower part of the radio antenna offering a total of three radios available for configuration - radio 0 (5 GHzGigahertz.), radio 1 (2.4 GHzGigahertz.) and radio 2 (5 GHzGigahertz.).

Uplink Port VLAN

The client traffic can be controlled to the uplink port and the traffic from downlink ports is not bridged or flooded to the uplink port automatically.

WebRTC Prioritization

WebRTC prioritization is supported to prioritize the media traffic from WebRTC sources.

WPA3 Enhancement

Aruba Instant supports 256-bit encryption with WPA3 enterprise in non-CNSA mode.

 

Table 2: New Hardware Platforms in Instant 8.6.0.0

Hardware

Description

500 Series Access Points

The 500 Series access points (AP-504 and AP-505) are high-performance, dual-radio wireless devices that can be deployed in either controller-based (ArubaOS) or controller-less (Aruba Instant) network environments. These APs deliver high performance concurrent 2.4 GHzGigahertz. and 5 GHzGigahertz. 802.11ax Wi-FiWi-Fi is a technology that allows electronic devices to connect to a WLAN network, mainly using the 2.4 GHz and 5 GHz radio bands. Wi-Fi can apply to products that use any 802.11 standard. (Wi-FiWi-Fi is a technology that allows electronic devices to connect to a WLAN network, mainly using the 2.4 GHz and 5 GHz radio bands. Wi-Fi can apply to products that use any 802.11 standard. 6) functionality with 2x2 MU-MIMOMulti-User Multiple-Input Multiple-Output. MU-MIMO is a set of multiple-input and multiple-output technologies for wireless communication, in which users or wireless terminals with one or more antennas communicate with each other. technology.

The APs provide the following capabilities:

IEEEInstitute of Electrical and Electronics Engineers. 802.11a802.11a provides specifications for wireless systems. Networks using 802.11a operate at radio frequencies in the 5 GHz band. The specification uses a modulation scheme known as orthogonal frequency-division multiplexing (OFDM) that is especially well suited to use in office settings. The maximum data transfer rate is 54 Mbps., IEEEInstitute of Electrical and Electronics Engineers. 802.11b802.11b is a WLAN standard often called Wi-Fi and is backward compatible with 802.11. Instead of the Phase-Shift Keying (PSK) modulation method used in 802.11 standards, 802.11b uses Complementary Code Keying (CCK) that allows higher data speeds and makes it less susceptible to multipath-propagation interference. 802.11b operates in the 2.4 GHz band and the maximum data transfer rate is 11 Mbps., IEEEInstitute of Electrical and Electronics Engineers. 802.11g802.11g offers transmission over relatively short distances at up to 54 Mbps, compared with the 11 Mbps theoretical maximum of 802.11b standard. 802.11g employs Orthogonal Frequency Division Multiplexing (OFDM), the modulation scheme used in 802.11a, to obtain higher data speed. Computers or terminals set up for 802.11g can fall back to speed of 11 Mbps, so that 802.11b and 802.11g devices can be compatible within a single network., IEEEInstitute of Electrical and Electronics Engineers. 802.11n802.11n is a wireless networking standard to improve network throughput over the two previous standards, 802.11a and 802.11g. With 802.11n, there will be a significant increase in the maximum raw data rate from 54 Mbps to 600 Mbps with the use of four spatial streams at a channel width of 40 MHz., IEEEInstitute of Electrical and Electronics Engineers. 802.11ac802.11ac is a wireless networking standard in the 802.11 family that provides high-throughput WLANs on the 5 GHz band., and IEEEInstitute of Electrical and Electronics Engineers. 802.11ax operation as a wireless access point

• Compatibility with IEEEInstitute of Electrical and Electronics Engineers. 802.3af802.3af is an IEEE standard for Power over Ethernet (PoE) version that supplies up to 15.4W of DC power. See PoE. PoEPower over Ethernet. PoE is a technology for wired Ethernet LANs to carry electric power required for the device in the data cables. The IEEE 802.3af PoE standard provides up to 15.4 W of power on each port.

• Integrated BLEBluetooth Low Energy. The BLE functionality is offered by Bluetooth® to enable devices to run for long durations with low power consumption. radio

For complete technical details and installation instructions, see Aruba 500 Series Access Points Installation Guide.

/*]]>*/