Things to watch for Aruba Wireless!
April 03, 2018

Things to watch for Aruba Wireless!

Anonymous | TrustRadius Reviewer
Score 6 out of 10
Vetted Review
Verified User
Review Source

Overall Satisfaction with Aruba Networks Wireless

We had a Cisco wireless deployed, everything was running great but we found that it's lack of visibility and SD-Wireless driven. We decided to switch to Aruba wireless and attempted to put almost every user on the wireless within our headquarter. Having all users to be running on wireless can be challenging at first, but the ROI can be significant. We deployed two Controllers (appliance), Mobility Master (VM), Airwave (VM) and Clearpass (VM).
  • Using Airwave as single management point for APs in the environment, and the Web GUI management seems to be easy for administration.
  • Increase security with the use of Clearpass as NAC to provides role-based and device based network access control. Each wireless clients will establish secured ipsec tunnel and route data traffic to a controller. It's recommended to attached controllers closer to the network core with 10Gb uplinks.
  • Clearpass also built-in context-based policy engine, RADIUS, TACACS+ protocol support, device profiling and comprehensive posture assessment, onboarding, and guest access options.
  • Setting up Clearpass as RADIUS server to authenticate 802.1x users were pretty smooth. However, to setup Guest wireless with onboarding, and guest access can be challenged at times.
  • We have deployed the latest Aruba 335 with AC wave 2 capable APs. Just to compare to our previous Cisco 3700 series wave 2 capable APs, Aruba APs signal strength and coverage are significantly less than Cisco APs. We needed to increase the number of Aruba APs for the same coverage area.
  • There was an incident in Oct 2017, Aruba decided to push system patch and update automatically to the Clearpass. The process had brought down some services in the Clearpass including RADUIS 802.1x authentication. Aruba support notified us and found out there was a bug in the patch and somehow unknowingly cause the issue. This incident had caused our entire wireless offline and no one could authenticate to the wireless network regardless if there was redundancy setup in the system. The incident and outage were reported and affected to all Aruba customers in the nationwide.
  • There was a second outage in less than 6 months and also caused by another bug in the Aruba system. We have dual Aruba controllers A & B and dual uplinks for each controller setup for redundancy. However, recently when one of the controller A went offline without any alert (later found out the port-channels between controller A and the network switch became "not-trusted"), all APs residing on controller A had dropped and offline. However, all APs would not failover to the controller B. After digging into logs, Aruba tech support found out there was a bug in the software which caused this problem.
  • The visual heat map is great to have.
will post more feedback later.
It is possible that we have a bad luck with the deployment. However, It is capable to perform enterprise-level security to fit some of the organization's standards. With Airwave and other tools, it's easy to manage and administrate your wireless environment. Make aware of the IPsec tunnel from each user to the controller if you are using Clearpass for NAC. If you have a remote office with local resources, you will need controller or IAP to route traffic locally. If you have many remote offices, you will need to deploy controllers or IAP in each office, which lead to additional cost and management.