The overall goal is to create a simple, scalable design that is easy to replicate at different sites. Component selection should include a specific set of products that collectively perform all required operations and maintenance functions.
The design also must include target of subsecond failover components that perform if a network device or link between two network becomes unavailable.
All protocols are tuned to deliver a highly available network that continually meets all functional requirements.
This guide can be used to design new networks or to optimize and upgrade existing networks. The guide is not intended to present an exhaustive description of all available options. It focuses on the most highly recommended and proven designs, features, software, and hardware.
With so many wireless devices on a network, performance and availability are key concerns. Wireless clients with different capabilities operate at different performance levels. If the wireless network cannot self-optimize, slower clients can degrade performance for faster clients.
Wi-Fi 5 and Wi-Fi 6 standards support speeds greater than 1 Gbps. To accommodate the increased data rates, the APs implement the IEEE 802.3bz Ethernet standard of 2.5 and 5 Gbps.
An organization can achieve the higher data rates on existing twisted-pair cabling when connecting to Aruba switches with Smart Rate ports that also support the 802.3bz Ethernet standard.
To support the explosion of Internet of Things (IoT) devices and the latest wireless technologies, IEEE 802.3bt Power over Ethernet (PoE), eliminates the need for dedicated power, while offering simplicity and cost reduction. The access layer acts as a collection point for high-performance wired and wireless devices. The access layer needs enough capacity to support current power and bandwidth and to scale as the number of devices grows.
Security is a critical requirement for the campus networks. Authorized users must be authenticated and given access to services they need to do their jobs. IoT devices must be identified using MAC authentication and profiling to prevent rogue devices from using the network.
In addition to internal access within company-managed assets, users connect their personal devices, guests require Internet access, and contractors or vendors must access the Internet and the organization’s internal network.
Broad access must be enabled while maintaining network security and integrity. Because connecting so many devices and user types significantly increases the administrative burden, the network should be designed to maximize automated, secure device onboarding.
This guide discusses the following use cases:
- Use artificial Intelligence to augment available network operator resources with Smart Telemetry.
- Enforce Zero Trust Security to secure the network from inside and outside attacks.
- Create a powerful unified infrastructure with centralized cloud-based management.