Aruba Central Overview
Aruba Central simplifies deployment, management, and optimization of WLAN, LAN, VPN, and SD-WAN. Using Aruba Central eliminates the time-consuming manual process of moving information from one management platform to another or trying to correlate troubleshooting information across multiple views.
Central serves as a “single pane of glass” for Aruba ESP. The use of integrated AI-based ML, IoT device profiling for security, and Unified Infrastructure management accelerates the edge-to-cloud transformation for today’s Intelligent Edge.
Central Key Features:
- Cloud-native enterprise campus WLAN software
- AI Insights for WLAN, switching, and SD-WAN
- Advanced IPS/IDS threat defense management
- Mobile application-based network installation
- Unified management for access and WAN edge
- Live chat and an AI-based search engine
- Cloud, on-premises and as-a-service (aaS) options.
Central is a cloud-native microservices-based platform that provides the scalability and resilience needed for critical environments. Compared to an on-premises solution, Central is more adaptive, predictable, and horizontally scalable with built-in redundancy. Central also provides seamless access to Aruba ClearPass Device Insight, Aruba User Experience Insight (UXI), and Aruba Meridian to furnish significant AI/ML capabilities and location-based services for network visibility and insight.
Workflow-based configurations within Central enable efficient, error-free deployments of Aruba solutions anywhere in the world. The workflows are based on common best-practice approaches to network configuration. They enable bringing new devices online quickly, using new or existing network configurations.
Getting Started with Aruba Central
Aruba Central Demo
The Aruba Central demo includes virtual tours that explore various components of Aruba Central, available here.
Aruba Central Trial
Customers can see Central in action within their own environments. Aruba offers a 90-day evaluation license for customers. Information about the license and steps to complete a trial can be found here.
Note: During the Central account creation process, a region must be selected for the trial. If the trial might be migrated to a production deployment, it is critical to choose the desired end region. Changing the region of a central instance is not possible and require creation of a new account.
Aruba Central Design
Aruba Central manages networks of all shapes and sizes: from a single building to multi-branch distributed locations. Central offer several flexible mechanisms to organize and visualize the devices within an organization.
A Group is the fundamental unit of configuration and management within Central. The Group includes devices, anywhere in the organization, that have a common configuration baseline. A common Group example is “all access switches.”
Sites organize devices by assigned geographic location so they can be visualized together, regardless of configuration commonality. A common Site example includes all the devices within a particular building, wired and wireless.
Labels allow for arbitrary identification of different devices so they can be grouped for visualization and management, regardless of common configuration or physical location. A typical use of Labels is grouping all APs or switches with a particular model number.
Managing an organization’s network(s) can be simplified by correctly applying the Group, Site, and Label constructs. Thought and planning on how to best use these constructs aids the process.
The following table summarizes how each construct can be used by the individual Aruba Central functions.
Groups | Sites | Labels | |
---|---|---|---|
AI Insights | No | Yes | No |
Configuration | Yes | No | No |
Events and Alerts | Yes | Yes | Yes |
Monitoring | Yes | Yes | Yes |
Reporting | Yes | Yes | Yes |
Groups
Groups are the primary containers for AP, gateway, and switch configurations. They are used to apply common configurations to a set of managed devices. Devices inherit common configuration from the assigned group. Device specific configurations, such as IP addressing and hostname, are applied as a per-device override after the group configuration is applied.
Best practice for Central groups is:
- Create as few groups as necessary. The fewer the groups, the easier day-to-day operations.
- Avoid creating groups per building or site since changes must be duplicated across groups.
- Make groups for functionally related devices. For example: all access switches, or all wireless devices.
- Create groups with the correct persona (for example: CX only, AOS 10, Central 3.x), as it influences the available configuration options and feature operation.
A device’s final configuration is composed of its group configuration and device-specific overrides.
When creating device groups, the devices should have similar network functions so that common configurations such as VLANs, NTP, and DNS can be applied at the group level. Device-specific configurations, such as IP addresses, should be applied at the device level.
Central has two primary Group types: Template Groups and UI Groups.
- Template groups are CLI-based configuration files pushed down to a device. Device-specific information is defined using variables.
- UI groups use the Central web user interface. Device-specific configuration can be applied by selecting a particular device and configuring it individually in the user interface.
Template groups are an option when devices have nearly the same configurations and when configurations do not change often. UI groups are a better choice for workflow-driven deployments and provide the flexibility to change single device configurations.
In both cases, devices in the same group must have similar configurations. If port layouts must change or the topology of the network differs from other sites, create a unique group and configuration for that different site.
Note: This graphic does not reflect the exact naming and type used in the guide. It is for reference purposes only.
Sites
A site defines a location where a set of managed devices are physically installed. Sites can contain APs, Gateways and Switches. Sites can be organized by single building, co-located buildings, or a logical grouping of buildings. Sites can be used for monitoring and defining the scope of alerts, events, and AI Insights.
A site assigns devices to a physical location to provide organized Network Health, AI Insights, and topology information. Sites are used for reporting and Auto-Clustering for distributed gateway deployments.
For multiple buildings in a location, such as a university or hospital campus, consider making each building a site. This provides more granularity for alerts, events, and AI insights. The more buildings placed into a single site, the harder it is to identify and isolate faults and issues.
Labels
Labels are assigned to devices to create logical groupings, such as indoor APs and outdoor APs. Labels simplify monitoring and reporting by providing operators a defined sets of devices, with a maximum of five labels per device. Labels are useful when monitoring and reporting is required for logical sets of devices such as infastructure that may service an executive team or life-critical infastructure in a hospital. Labels can be assigned ad hoc for alerts and events or attached to devices permanently.
Aruba Central API
Aruba Central offers the following extensibility features to build custom monitoring, configuration tools, custom dashboards, alerts and notification framework:
- REST API - For configuration, on-demand polling, monitoring data via HTTP requests.
- Streaming API - Subscribe to select topics, get statistics and state changes over Secure WebSocket (WSS).
- Webhook - Integrate external applications and implement actions based on real-time alerts.
To learn more about Aruba Central’s API capabilities, refer to Aruba Developer Hub.