The overall goal is to create a simple, scalable design that can be replicated easily across all sites in the network. Selection of solution components is limited to a specific set of products proven to deliver streamlined, cost efficient operation and maintenance. Key features provided by Aruba SD-Branch include:
- Simplicity with Zero Touch Provisioning: SD-WAN devices can be factory-shipped directly to a remote site by automatically matching orders to an Aruba customer account. The devices can use installed quickly using Zero Touch Provisioning.
- Unified policy management: For Aruba and third-party network infrastructure, Aruba ClearPass delivers a common policy framework for multivendor wired and wireless networks. The software-defined approach makes it easy for the network administrator to distribute changes quickly to meet current and emerging corporate risk management and compliance requirements. ClearPass Device Insight (CPDI) adds AI-powered device profiling to automate the discovery and monitoring of mobile and IoT endpoints.
- Predictive analytics and assurance: Aruba Central’s artificial intelligence (AI), machine learning (ML), and automation capabilities identify issues and notify IT personnel of problems with recommended changes. With the shift to a cloud-hosted model, data are collected and crowdsourced from Aruba’s extensive base of installations to take advantage of Aruba’s collective data science expertise.
- Secure WAN connectivity: SD-WAN technology uses the Internet to replace or augment private WAN services. The solution includes path quality monitoring (PQM) to track the available paths, stateful firewall with application fingerprinting to identify traffic flows, dynamic path selection (DPS) to identify the optimal path, and the route orchestrator to facilitate routing decisions without requiring admin intervention.
Use this guide to design new networks or optimize and upgrade existing networks. The guide is not intended as an exhaustive discussion of all options. It presents commonly recommended designs, features, and hardware.
Branch networks are changing rapidly. The most pressing challenges include an increasing number of mobile and IoT devices, growing bandwidth requirements for business operations, and modern users who expect connectivity for work and personal use anywhere, any time.
IT teams responsible for managing distributed networks are facing staff reductions, even as organizations significantly increase network capabilities and reduce implementation times. Busy IT departments must improve service levels, reduce costs, manage an increasing workload and shift spending from capital expense to operating expense.
This guide discusses the following use cases:
- Employing artificial Intelligence to augment operator oversight with Smart Telemetry.
- Accommodate highly secure WAN communications using IPsec tunnels over an independent transport.
- Use Zero Trust Provisioning for all networking components in the branch.
- Institute switch stacking for simplified management, high availability, and scalability.
- Add link aggregation for high bandwidth, redundancy, and resiliency between switches and gateways.
- Incorporate wireless as the primary access method for branch employees.
- Invoke Zero Trust Security to secure the network against inside and outside attacks.