11-Jun-24

Aruba ESP Data Center Management

Aruba supports on-premises and cloud-based options for managing an Aruba data center. Aruba Central is a cloud-based service that provides configuration, alerting, and powerful AI-Insights into network communication. Aruba Fabric Composer is on-premises software that automates building EVPN-VXLAN underlays and overlays, orchestrates firewall policy with Pensando Policy Services Manager and access control list (ACL) policy on switches, integrates with VMware vCenter, and provides useful alerting and visualization tools.


Aruba ESP Data Center Services Layer

The Aruba ESP data center solutions include management plane choices that enable an organization to apply the approach that best suits its needs.

  • Aruba Central provides a cloud management solution for the end-to-end Aruba ESP solution.
  • Aruba Fabric Composer (AFC) is an on-premises fabric automation tool that provides a simplified, workflow-based method of fabric configuration.
  • Pensando Policy and Services Manager (PSM) provides management and monitoring of Pensando DPU services contained in Aruba CX 10000 switches.
  • Aruba NetEdit provides the same multidevice configuration editor and topology mapper now found in Aruba Central in an on-premises offering.

Aruba Central

Aruba Central is designed to simplify the deployment, management, and optimization of network infrastructure. The use of integrated Artificial Intelligence (AI)-based Machine Learning (ML) and Unified Infrastructure management provides an all-encompassing platform for digital transformation in the enterprise.

Aruba Central provides advanced services to facilitate transformational data center rollouts. NetEdit-style MultiEditor capability is now integrated into Central, making it possible to deploy complex, multi-device, multilayer configurations from the cloud to the data center. The Network Analytics Engine provides real-time alerts on the state of switches and allows for rapid analysis of intermittent problems. Aruba Central is cloud-hosted for elasticity and resilience, which also means that users need not be concerned with system maintenance or application updates.

Workflow-based configurations within Central enable efficient, error-free deployments of Aruba solutions anywhere in the world. The workflows are based on common best-practice approaches to network configuration. They enable new devices to be brought online quickly using new or existing network configurations.

AIOps

According to Gartner Glossary, “AIOps combines big data and machine learning to automate IT operations processes, including event correlation, anomaly detection and causality determination.”

Aruba AIOps, driven by Aruba Central, eliminates manual troubleshooting tasks, reduces average resolution time, and automatically discovers network optimizations. Aruba’s next-generation AI uniquely combines network and user-centric analytics to identify and inform personnel of anomalies. It also applies decades of networking expertise to analyze and provide prescriptive actions.

AI Assist uses event-driven automation to trigger the collection of troubleshooting information, identify issues before they impact the business, and virtually eliminate the time-consuming process of log file collection and analysis. After log information is collected automatically, IT staff are alerted with relevant logs that can be viewed and shared with Aruba TAC, who can assist more quickly with root cause determination and remediation.

Aruba Fabric Composer

AFC provides API-driven automation and orchestration capabilities for the Aruba ESP data center. AFC discovers data center infrastructure and automates provisioning for both spine-and-leaf fabric and Layer 2 two-tier topologies. AFC ensures a consistent and accurate configuration of a spine-and-leaf data center with or without deployment of an overlay network.

AFC orchestrates a set of switches as a single entity called a fabric and enables the operator to orchestrate data center resources using an application-centric approach to visualizing network and host infrastructure. It supports managing multiple fabrics and also performs day-to-day operations across rack-scale computing and storage infrastructure.

Visualization of the data center network fabric includes physical and virtual network topologies as well as host infrastructure through integration with Aruba OS-CX, HPE iLO Amplifier, HPE SimpliVity, VMware vSphere, and other leading data center products. In addition to providing a complete view across the fabric, AFC makes network provisioning accessible to others besides high-level network staff. It provides a secure platform for orchestrated deployment of host and networking resources across the fabric using a guided workflow user interface.

AFC product integration with vSphere dynamically modifies network security policy by monitoring VM attributes such as IP assignment and VM tags. This automation empowers VMware administrators to add or remove hosts from firewall and ACL policy enforcement by modifying vCenter tags associated with a VM guest.

AFC is recommended for new data center deployments based on a spine-and-leaf fabric topology. It is particularly helpful when also deploying an EVPN-VXLAN overlay. AFC configures both the underlay and overlay routing automatically using basic IP information provided by the operator.

AFC facilitates stitching multiple fabrics together to support extending an overlay across multiple locations.

**Aruba Fabric Composer**

Pensando Policy and Services Manager

The Pensando Policy and Services Manager (PSM) provides an API-based platform for programming and monitoring Pensando DPUs integrated into Aruba CX 10000 switches. PSM is the firewall policy authority for associated switches.

AFC integration with PSM enables single-pane-of-glass configuration and orchestration of both the switch fabric and PSM firewall services. PSM also can be managed independently using its web-based GUI or REST API.

Aruba NetEdit

Aruba NetEdit helps IT teams automate the configuration of multiple switches and ensure that deployments are consistent, conformant, and error-free. It enables automation workflows without the overhead of programming by providing operators with a user-friendly interface similar to the command line. NetEdit also provides a dynamic network topology view to ensure an up-to-date view of the network.

When deploying an Aruba ESP data center network using on-premises tools, NetEdit should be deployed for detailed configuration management. While Aruba Fabric Composer enables fast, error-free spine-and-leaf implementations, NetEdit provides the ability to tailor the configuration when necessary. Together, Fabric Composer and NetEdit deliver an automated, integrated, and validated network configuration ready to support the needs of any data center network.

**NetEdit**

AOS-CX Ansible Collection

The HPE Aruba Networks Developer Hub provides documentation and tooling to support Ansible automation using the AOS-CX Ansible Collection.

Ansible is an open-source orchestration framework maintained by Red Hat. It automates provisioning, configuration management, and application deployment. Ansible playbooks are a powerful and flexible method of automating any CX switch-based topology.

Aruba Network Analytics Engine

Aruba Network Analytics Engine (NAE) provides a built-in framework for monitoring and troubleshooting networks. It automatically interrogates and analyzes network events to provide unprecedented visibility into outages and anomalies. Using these insights, IT personnel can detect problems in real time and analyze trends to predict or even avoid future security and performance issues.

A built-in time-series database provides event and correlation history along with real-time access to network-wide insights to help operators deliver better user experiences. Rules-based, real-time monitoring and intelligent notifications automatically correlate to configuration changes. Integrations with Aruba NetEdit and third-party tools such as ServiceNow and Slack provide the ability to generate alerts to trigger actions within the IT service management process.

NAE runs within the AOS-CX operating system in the Aruba CX 6xxx, CX 8xxx, CX 9300, and CX 10000 switch series. NAE agents test for conditions on the switch, its neighboring devices, or on traffic passing through the network, and then take actions based on the result of the test.

**Network Analytics Engine**

Choosing an Approach

In general, small, edge-connected data centers are best managed using Aruba Central to ensure consistent configuration anywhere in the world.

Layer 2 two-tier data centers can be managed by Aruba Central or AFC. Aruba Central provides a single, cloud-based management platform for both campus and data center networks.

Plans to build a spine-and-leaf data center topology should include AFC. When deploying an EVPN-VXLAN overlay, AFC is highly recommended to simplify the configuration of underlay and overlay services as well as Layer 3 segments. When deploying PSM with Aruba CX 10000 switches, AFC is recommended to manage firewall rule and policy creation.

Additional Data Center Services

Planning a data center network involves more than just designing the physical network infrastructure. It also is necessary to ensure that services are available to bring switches and hosts online and to ensure that devices can send log messages to a syslog server accessible to people and applications.

It may be useful to leverage the Zero Touch Provisioning (ZTP) capabilities of Aruba switches. To use ZTP, the network must provide a Dynamic Host Configuration Protocol (DHCP) server on a management LAN with a route to the Internet. In addition to the default gateway address, devices also require at least one domain name service (DNS) server to resolve hostnames required for connectivity to Aruba Central and the Aruba Activate service.

Network Time Protocol (NTP) ensures that log data from across the network and in the cloud is time-stamped correctly for later analysis. NTP also is required for public key infrastructure (PKI) to function correctly. PKI is required for a variety of access security approaches today. A log management or security information and event management (SIEM) solution also is a part of most modern data centers, which can be used to establish baselines for all switches in the network.



© Copyright 2024 Hewlett Packard Enterprise Development LP. The information contained herein is subject to change without notice. The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. Aruba Networks and the Aruba logo are registered trademarks of Aruba Networks, Inc. Third-party trademarks mentioned are the property of their respective owners. To view the end-user software agreement, go to Aruba EULA.