Both boxes run the latest release of the HiveOS, version 5.0. The new code works with cloud features such as the new VPN termination, the revamped HiveManager 5.0 for cloud-based WLAN management. For the first-time, wired clients plugging into the new routers also now can be tracked by user identity and device type and automatically assigned permissions, network settings, and be managed by HiveManager regardless of how they connect to the branch network.
The new HiveOS version will also update Aerohive's existing HiveAP 3003 and 350 access points to support the routing functionality of the branch devices.
HiveManager has been redesigned: administrators logging in via a Web browser can see the full configuration pushed down to the new routers and remote access points, modify any part of it, and centrally manage all clients, including creating user profiles that can be applied to wireless and wired clients.
Aerohive's new Cloud VPN Gateway (CVG) is a software application for terminating VPN tunnels. It's designed to run on VMware virtual servers, so it can be quickly scaled to handle numerous clients. Routers are plugged in, powered up, and automatically tunnel back to the CVG.
"A constant pain-point for VPNs with many sites, especially little remote/branch offices, is the need to allocate and map IP addresses and subnets and configure routes to keep local traffic local, while tunneling other traffic over the VPN," Phifer says. "From what I saw in Aerohive's demo, they auto-generated Branch on Demand subnets and routes based on simple sliders, for example, 'I have 10 users at office X.' That could be a big time-saver if you have hundreds or thousands of branches to deal with."
The Aerohive cloud components can tie into Web security offerings from Websense, which offers a gateway that supports anti-malware filtering, SSL traffic inspection, and other services, and from Barracuda Networks. The integration lets the new routers use VPN tunnels to route branch traffic through these cloud security services, explains Core Competence's Phifer.
Altogether, Branch on Demand is a "strong combo for large organizations, including enterprises, that need to paint numerous small distributed sites with Wi-Fi plus Ethernet [connectivity] with low incremental OpEx," she says.
John Cox covers wireless networking and mobile computing for Network World.
Blog RSS feed: http://www.networkworld.com/community/blog/2989/feed
Read more about anti-malware in Network World's Anti-malware section.