What's New in this Release

This section lists the new features, enhancements, or hardware platforms introduced in Aruba Instant 8.6.0.0.

New Features and Hardware Platforms

Table 1: New Features in Instant 8.6.0.0

Feature

Description

Blacklisting Unauthorized Users

Unauthorized users trying to login to the network as an administrator using invalid credentials can be blacklisted and blocked from attempting further logins into the system. The number of allowed invalid login attempts and the lock out time period can be configured by the administrator. Enabling this feature enhances the security and prevents malicious login attempts into the network.

BSS Color feature for 510 Series,530 Series, and AP-555 Access Points

BSS Basic Service Set. A BSS is a set of interconnected stations that can communicate with each other. BSS can be an independent BSS or infrastructure BSS. An independent BSS is an ad hoc network that does not include APs, whereas the infrastructure BSS consists of an AP and all its associated clients.  coloring feature enhances the Wi-Fi Wi-Fi is a technology that allows electronic devices to connect to a WLAN network, mainly using the 2.4 GHz and 5 GHz radio bands. Wi-Fi can apply to products that use any 802.11 standard. experience by optimizing RF Radio Frequency. RF refers to the electromagnetic wave frequencies within a range of 3 kHz to 300 GHz, including the frequencies used for communications or Radar signals. usage in dense deployment scenarios. The BSS Basic Service Set. A BSS is a set of interconnected stations that can communicate with each other. BSS can be an independent BSS or infrastructure BSS. An independent BSS is an ad hoc network that does not include APs, whereas the infrastructure BSS consists of an AP and all its associated clients. color feature is supported with 510 Series, 530 Series, and AP-555 access points. The BSS Basic Service Set. A BSS is a set of interconnected stations that can communicate with each other. BSS can be an independent BSS or infrastructure BSS. An independent BSS is an ad hoc network that does not include APs, whereas the infrastructure BSS consists of an AP and all its associated clients.  color setting is available under WLAN Wireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection. SSID Service Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. profile settings.

Configuring a Client Specific VLAN for IoT Telemetry Data

The IoT Internet of Things. IoT refers to the internetworking of devices that are embedded with electronics, software, sensors, and network connectivity features allowing data exchange over the Internet. telemetry data can now be isolated to a client specific VLAN Virtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN..

 

Configuring Additional NTP Servers for Instant

Instant APs now supports configuration of up to 4 NTP Network Time Protocol. NTP is a protocol for synchronizing the clocks of computers over a network. servers for time synchronization. NTP Network Time Protocol. NTP is a protocol for synchronizing the clocks of computers over a network. servers are configured in the Configuration > System > General page.

Configuring Additional Syslog Servers for Instant

Instant APs now support up to 3 syslog servers.

Configuring Reconnect Duration for IAP-VPN Controller Failover

The connectivity between Instant AP and the controller is monitored by a heartbeat signal between the Instant AP and the controller. When the heartbeat fails the Instant AP fails over to the backup controller. The duration after which the Instant AP fails over to the backup controller in IAP-VPN Virtual Private Network. VPN enables secure access to a corporate network when located remotely. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security, and management policies of the private network. This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two. connections can now be configured by the administrator.

Configuring a Static IP Address with Two DNS Servers

When configuring a static IP address on an Instant AP, you can configure up to two DNS Domain Name System. A DNS server functions as a phone book for the intranet and Internet users. It converts human-readable computer host names into IP addresses and IP addresses into host names. It stores several records for a domain name such as an address 'A' record, name server (NS), and mail exchanger (MX) records. The Address 'A' record is the most important record that is stored in a DNS server, because it provides the required IP address for a network peripheral or element. Servers separated by a comma.

Enhancement for Authentication Survivability

The Authentication Survivability feature is now supported for clients authenticated with MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. authentication.

Enhancements for Wi-Fi Uplink

The Wi-Fi Wi-Fi is a technology that allows electronic devices to connect to a WLAN network, mainly using the 2.4 GHz and 5 GHz radio bands. Wi-Fi can apply to products that use any 802.11 standard. uplink feature now supports bridge mode using MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. Address Translation (MAT), 802.1X 802.1X is an IEEE standard for port-based network access control designed to enhance 802.11 WLAN security. 802.1X provides an authentication framework that allows a user to be authenticated by a central authority. Authentication for 802.11ac 802.11ac is a wireless networking standard in the 802.11 family that provides high-throughput WLANs on the 5 GHz band. AP platforms, IPv6 and Mesh configuration when 2.4 GHz Gigahertz. band Band refers to a specified range of frequencies of electromagnetic radiation. is used for uplink.

Fast Roaming with Mesh Access Points

Instant now supports fast roaming with mesh APs.

Hanshow ESL Gateway

Hanshow ESL gateway Gateway is a network node that allows traffic to flow in and out of the network. provides electronic shelf label services and is used to automate pricing updates.

Hardware Offloading for Increased Transmission Performance

The hardware offloading feature optimizes the transmission performance of access points by offloading established session flows to hardware forwarding from the datapath software. This feature is supported on AP-535 and AP-555 access points.

IoT Enhancements

A new filter called Vendor Filter is added based on vendor id or name.

A new payload content MySphera is introduced.

Support for AmberBox sensors is introduced.

The Wi-Fi Wi-Fi is a technology that allows electronic devices to connect to a WLAN network, mainly using the 2.4 GHz and 5 GHz radio bands. Wi-Fi can apply to products that use any 802.11 standard. RTLS Real-Time Location Systems. RTLS automatically identifies and tracks the location of objects or people in real time, usually within a building or other contained area. and BLE Bluetooth Low Energy. The BLE functionality is offered by Bluetooth® to enable devices to run for long durations with low power consumption. telemetry streams are combined into a single telemetry stream in the IoT Internet of Things. IoT refers to the internetworking of devices that are embedded with electronics, software, sensors, and network connectivity features allowing data exchange over the Internet. transport profile.

Instant supports the ABB ability smart sensors and forwards the IoT Internet of Things. IoT refers to the internetworking of devices that are embedded with electronics, software, sensors, and network connectivity features allowing data exchange over the Internet. data from these sensors over Telemetry-HTTPS Hypertext Transfer Protocol Secure. HTTPS is a variant of the HTTP that adds a layer of security on the data in transit through a secure socket layer or transport layer security protocol connection. and Telemetry-websocket server types.

Multi Band Operation (MBO)

Aruba Instant provides Agile Multiband support on 802.11ax capable APs. MBO enables the network to utilize the available spectrum efficiently, and helps in optimizing connectivity experience for the end-users.

Proxy Server Configuration for IoT Transport Profiles

A proxy server can be configured for IoT Internet of Things. IoT refers to the internetworking of devices that are embedded with electronics, software, sensors, and network connectivity features allowing data exchange over the Internet. transport profiles to receive IoT Internet of Things. IoT refers to the internetworking of devices that are embedded with electronics, software, sensors, and network connectivity features allowing data exchange over the Internet. data from the AP and relay them to its final destination.

Priority for Local Cache Authentication

Priority for Local Cache Authentication feature authenticates clients using the local cache of the AP before sending a RADIUS Remote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.  request to the server. This feature is supported for clients authenticated using MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. and 802.1X 802.1X is an IEEE standard for port-based network access control designed to enhance 802.11 WLAN security. 802.1X provides an authentication framework that allows a user to be authenticated by a central authority. Authentication.

RADIUS Accounting with MPSK

Instant supports RADIUS Remote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.  accounting with multiple PSKs in conjunction with ClearPass Policy Manager for WPA2 Wi-Fi Protected Access 2. WPA2 is a certification program maintained by IEEE that oversees standards for security over wireless networks. WPA2 supports IEEE 802.1X/EAP authentication or PSK technology, but includes advanced encryption mechanism using CCMP that is referred to as AES. PSK Pre-shared key. A unique shared secret that was previously shared between two parties by using a secure channel. This is used with WPA security, which requires the owner of a network to provide a passphrase to users for network access. -based deployments. When RADIUS Remote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.  accounting is enabled and MPSK authentication is successful, the AP sends an accounting start message to the ClearPass Policy Manager server to gather the accounting updates. The accounting updates are periodically sent based on the time interval configured on the AP.

Support for SES-Imagotag Cloud TLS Authentication

Instant allows an AP with ESL USB Universal Serial Bus. USB is a connection standard that offers a common interface for communication between the external devices and a computer. USB is the most common port used in the client devices.  dongle to connect to the SES cloud by using TLS Transport Layer Security. TLS is a cryptographic protocol that provides communication security over the Internet. TLS encrypts the segments of network connections above the Transport Layer by using asymmetric cryptography for key exchange, symmetric encryption for privacy, and message authentication codes for message integrity.  authentication.

Support for Wireless Client Bridging

Instant supports client bridging of wired networks over Wi-Fi Wi-Fi is a technology that allows electronic devices to connect to a WLAN network, mainly using the 2.4 GHz and 5 GHz radio bands. Wi-Fi can apply to products that use any 802.11 standard.. Users have to specify the maximum number IPv4 wired client users that can connect to the wireless client bridge.

Split 5 GHz Radio for 550 Series Access Points

The split 5 GHz Gigahertz. radio is an Instant feature that leverages the power of software to provide three radios on 550 Series access points. The 8X8 5 GHz Gigahertz. radio of these access points can be converted into two 4X4 5 GHz Gigahertz. radios operating on the upper and the lower part of the radio antenna offering a total of three radios available for configuration - radio 0 (5 GHz Gigahertz.), radio 1 (2.4 GHz Gigahertz.) and radio 2 (5 GHz Gigahertz.).

Uplink Port VLAN

The client traffic can be controlled to the uplink port and the traffic from downlink ports is not bridged or flooded to the uplink port automatically.

WebRTC Prioritization

WebRTC prioritization is supported to prioritize the media traffic from WebRTC sources.

WPA3 Enhancement

Aruba Instant supports 256-bit encryption with WPA3 enterprise in non-CNSA mode.

 

Table 2: New Hardware Platforms in Instant 8.6.0.0

Hardware

Description

500 Series Access Points

The 500 Series access points (AP-504 and AP-505) are high-performance, dual-radio wireless devices that can be deployed in either controller-based (ArubaOS) or controller-less (Aruba Instant) network environments. These APs deliver high performance concurrent 2.4 GHz Gigahertz. and 5 GHz Gigahertz. 802.11ax Wi-Fi Wi-Fi is a technology that allows electronic devices to connect to a WLAN network, mainly using the 2.4 GHz and 5 GHz radio bands. Wi-Fi can apply to products that use any 802.11 standard. (Wi-Fi Wi-Fi is a technology that allows electronic devices to connect to a WLAN network, mainly using the 2.4 GHz and 5 GHz radio bands. Wi-Fi can apply to products that use any 802.11 standard. 6) functionality with 2x2 MU-MIMO Multi-User Multiple-Input Multiple-Output. MU-MIMO is a set of multiple-input and multiple-output technologies for wireless communication, in which users or wireless terminals with one or more antennas communicate with each other. technology.

The APs provide the following capabilities:

IEEE Institute of Electrical and Electronics Engineers. 802.11a 802.11a provides specifications for wireless systems. Networks using 802.11a operate at radio frequencies in the 5 GHz band. The specification uses a modulation scheme known as orthogonal frequency-division multiplexing (OFDM) that is especially well suited to use in office settings. The maximum data transfer rate is 54 Mbps., IEEE Institute of Electrical and Electronics Engineers. 802.11b 802.11b is a WLAN standard often called Wi-Fi and is backward compatible with 802.11. Instead of the Phase-Shift Keying (PSK) modulation method used in 802.11 standards, 802.11b uses Complementary Code Keying (CCK) that allows higher data speeds and makes it less susceptible to multipath-propagation interference. 802.11b operates in the 2.4 GHz band and the maximum data transfer rate is 11 Mbps., IEEE Institute of Electrical and Electronics Engineers. 802.11g 802.11g offers transmission over relatively short distances at up to 54 Mbps, compared with the 11 Mbps theoretical maximum of 802.11b standard. 802.11g employs Orthogonal Frequency Division Multiplexing (OFDM), the modulation scheme used in 802.11a, to obtain higher data speed. Computers or terminals set up for 802.11g can fall back to speed of 11 Mbps, so that 802.11b and 802.11g devices can be compatible within a single network., IEEE Institute of Electrical and Electronics Engineers. 802.11n 802.11n is a wireless networking standard to improve network throughput over the two previous standards, 802.11a and 802.11g. With 802.11n, there will be a significant increase in the maximum raw data rate from 54 Mbps to 600 Mbps with the use of four spatial streams at a channel width of 40 MHz., IEEE Institute of Electrical and Electronics Engineers. 802.11ac 802.11ac is a wireless networking standard in the 802.11 family that provides high-throughput WLANs on the 5 GHz band., and IEEE Institute of Electrical and Electronics Engineers. 802.11ax operation as a wireless access point

• Compatibility with IEEE Institute of Electrical and Electronics Engineers. 802.3af 802.3af is an IEEE standard for Power over Ethernet (PoE) version that supplies up to 15.4W of DC power. See PoE. PoE Power over Ethernet. PoE is a technology for wired Ethernet LANs to carry electric power required for the device in the data cables. The IEEE 802.3af PoE standard provides up to 15.4 W of power on each port.

• Integrated BLE Bluetooth Low Energy. The BLE functionality is offered by Bluetooth® to enable devices to run for long durations with low power consumption. radio

For complete technical details and installation instructions, see Aruba 500 Series Access Points Installation Guide.