meraki vs. aerohive wireless solution · pdf filevs meraki vs. aerohive wireless solution...
TRANSCRIPT
vs
Meraki vs. Aerohive Wireless Solution Comparison
Simplified management
• Intuitive,accessibleinterfacecanbeconfiguredinminuteswithoutonsiteITstaff
• Centrallymanagethousandsofdevicesacrosshundredsofnetworksandlocations
Deep visibility and control
• Network-widemanagementandtroubleshootingacrosswirelessandwiredinfrastructure
• Quicklyfinddeviceswithreal-timesearchandperformdiagnosticswithlivetools
• Createapplication-specificpolicieswithLayer7trafficshapingandapplybydevicetypeorusergroup
Integrated mobile device management
• 100%freedevicemanagementsolutionforiOS,Android,Mac,andPCdeviceswithSystemsManager
• Deploysecuritypoliciesanddevicerestrictions,deployapps,andmonitorinventory
• Noon-premiseserverrequired;SystemsManagerisentirelycloud-based
Why Meraki wireless?
M E R A K I A E R O H I V E
Meraki, Inc. | 660 Alabama St, San Francisco, CA 94110 | (415) 432-1000 | [email protected]
System Capabilities
User&DeviceManagement
Centrallymanagethousandsofdeviceswith
Meraki’sdashboard,whichprovidesfullclient,
device,andOSvisibility.Assigngrouppoliciesto
individualorgroupsofdevices,SSIDs,oreven
bydevicetypebasedonpreferences.Integrates
withActiveDirectoryandRADIUS/8021.Xforuser
authenticationandpolicydeployment.Examples
ofpolicyattributesincludeVLANs,firewallrules,
layer7applicationblockingand/orthrottling,and
splashpages.
Whilecentralmanagementofdevicesis
supported,Aerohivedoesnotprovidecomplete
OSvisibilityandcannotautomaticallyassign
grouppoliciesbydevicetype(i.e.,iPadvs.
Windows7,etc.).IntegrateswithActiveDirectory
andRADIUS/802.1Xforuserauthenticationand
policydeployment.
IntegratedMDM MerakiprovidesSystemsManager,afree
mobiledevicemanagement(MDM)solution
thatintegratesseamlesslyintothedashboard.
SupportsthousandsofiOS,Android,Windows,
andMacdevices.SystemsManagerrequiresno
hardwareorsoftwareappliancetooperate.
NointegratedMDMsolution.Aerohivepartners
withJAMFtodeliverApple-onlyMDMthat
non-educationalcustomersmustpayfor.JAMF
requiresadedicated,on-premiseserver.
ApplicationVisibility&Control
Merakiprovidesrichlayer7applicationvisibility
andcontrol,withafullheuristics-drivenengine
forclassification(e.g.,Skype,BitTorrent,web
traffic)andshaping.Prioritizeand/orthrottle
specificapplicationsorapplicationtype.
Nolayer7trafficshaping.NoLayer7firewall.No
applicationvisibility.
Security&WIPS Meraki’sAPsincludestatefulfirewalls,teleworker
VPN,full-timeintrusionscanning(AirMarshal),
NetworkAccessControl,adultcontentfiltering,
andWPA2-Enterprise/802.1Xintegration.
Additionally,MerakiAPscomewithabuilt-inPCI
compliancewizardandremediationtool.Secure
dashboardaccesswithpasswordrestrictionsand
two-factorauthenticationviaSMS.
Nobuilt-inNetworkAccessControl/anti-virus
protectionoradultcontentfiltering.NoPCI
compliancetool.NoabilitytologintoHive
Managerusingtwo-factorauthentication.
AerohiveAPsdoincludestatefulfirewalls,VPN,
intrusionscanning,andWPA2-Enterprise/802.1X
integration.
Intuitive,Multi-SiteManagement
Deploymultiplesitesrapidlybycopyingsettings
fromonenetworktoanother.Improvesearch
abilityamonghundredsofnetworkswith
networktagging.Firmwareupdatesaredelivered
seamlesslyfromthecloudtoalldevices,
regardlessoflocation.Manageandtroubleshoot
allsitesfromasingleweb-basedinterface.
Aerohivehasacumbersomeinterfacethatis
difficulttoconfigure,anddoesn’tintuitively
identifywhichAPsaredeployedatwhich
wirelesssites.Noreal-timesearchornetwork
taggingisavailable.Firmwareupdatesmustbe
downloadedandrolledouttoeveryAP.
End-to-EndVisibility
Deepvisibilityintothewiredandwireless
portionsofyournetworkisfullyintegrated.
Getthesamedeepcontroloverallyour
Merakidevices–APs,switches,andsecurity
appliances–throughasinglepaneofglass
accessiblefromanywhere.
Noend-to-endvisibility,asAerohivelacks
dedicatedswitchandsecurityapplianceproduct
linesandMDMisviaa3rdparty.
Meraki, Inc. | 660 Alabama St, San Francisco, CA 94110 | (415) 432-1000 | [email protected]
A Close-up on ManageabilityMeraki’sintuitivecloud-basedsolutionreducescomplexity,acceleratestroubleshooting,andeasestheITburdenofmanagingemployeeandguest-owneddevicesconnectingtotheLAN.
SimplicityMerakiMRaccesspointsaremanagedviaasecure,cloud-baseddashboardthatisdesignedfromthegroundupforeaseofmanagementandconfigurability.NewAPscanbedeployedinminuteswithzero-touchprovisioning,withouttheneedfortrainingordedicatedonsitestaff.ItonlytakestwoclickstocreateasecureguestnetworkthatisisolatedfromthecoreLAN.Firmwareupdatesareseamlesslyprovidedthroughthecloud.
EfficiencyWhetheryoumanagetenMerakiAPsortenthousand,findingandtroubleshootingdevicesiseasy.IntegrationwithGoogleMapshelpsyoukeeptrackofwheredevicesarelocatedandprovideshealthstatusataglance.Instantlyfindindividualorgroupdevicesbytype,OS,IP,MAC,name,andmoreusingGoogle-likesearch.LivetoolsintegratedintothedashboardprovidediagnosticsonAPsandconnectedclients,withreal-timevitalstatistics.
ControlMeraki-proprietaryLayer7devicefingerprintingandtrafficshapingdeliveranunparalleledlevelofcontrolandversatilityoverdevices,applications,andusersaccessingyournetwork.Maintainsecurityandcomplianceviaaccesspoliciesthatcanbeflexiblydeployedtosingledevices,groupsofdevices,orSSID-wide.EveryMerakiAPsupportsupto15differentSSIDs,allowingcreationofisolated,securenetworksfordevicesandusers.
View application usage statistics filtered by time period or SSID.
Drill into APs to view configuration, perform diagnostics, and see connected devices.
Convenient floor plan view provides live health status of network devices.
Meraki, Inc. | 660 Alabama St, San Francisco, CA 94110 | (415) 432-1000 | [email protected]
MERAKI VS. AEROHIVE SIDE-BY-SIDE COMPARISON: Controllingtrafficonyournetwork
DevicesnotofficiallymanagedorsanctionedbyITstaffposesecurityandbandwidthconcernswhentheyattempttousenetworkresources.Forexample,howwouldyouprioritizeVoIPtrafficacrossspecificdevices(e.g.,iPhones)onyourWLAN?
Meraki Dashboard
1. GotheGroupPoliciespageandcreatealayer7trafficshapingruleforVoIPtraffic.We’veselectedallVoIP&videoconferencingtraffic,butyoucouldchooseamongspecificapplications.NowgrantVoIPunlimitedbandwidth;conversely,ifthegoalistothrottleconsumption,dosousingthesliderbar.VoIPtrafficwillbeshapedregardlessofbandwidthutilization,butQoStagscanalsobespecifiedintheeventofnetworksaturation.Layer7trafficshapingisincludedwithallMerakiwirelessAPsatnoadditionalcharge.
2. Next,simplyenablethedashboardtoassigngrouppoliciesbydevicetype.UsingMeraki-proprietarylayer7devicefingerprinting,thetypesofdevices(e.g.,iPad,WindowsXP,Android,etc.)connectingtoyourwirelessLANareautomaticallyclassified.
3. Finally,selectthetypeofdevicetowhichtoautomaticallyapplythegrouppolicy,andselectthatgrouppolicyfromthedropdownlist.Now,wheneveraniPhoneconnectstoyournetwork,itsVoIPconsumptionwillbeprioritized.Noagentinstallationorconfigurationisnecessaryontheclientforthispolicytoapply—itsimplyworks.
Meraki, Inc. | 660 Alabama St, San Francisco, CA 94110 | (415) 432-1000 | [email protected]
Aerohive Hive Manager
1. InHiveManager’sNetworkConfigurationpage,choosetocreateanewpolicy,andgivethepolicyaname(wechose“iPhone-VoIP-Priority”).Next,choosewhichSSIDthepolicywillapplyto.Ensurethatthe“EnableWMM”boxischeckedintheSSID’soptionalsettings.
2. NowcreateaQoSClassifiermapforthenetworkpolicy.SelecttheVoIPnetworkservicestoassignQoSsettingstointheClassifiermap(inthisexample,level6voice).AlsoenableDiffServQoSmapping,incaseyourdesiredVoIPtrafficisnotavailablefromthelistofservices.TosetQoSforoutgoingtraffic,createanewMarkermap.NotethattheseQoScontrolswillonlybeineffectshouldbandwidthutilizationreachsaturation.
3. Next,createanewUserProfiletoassignthenetworkpolicyto.IntheQoSsettingssub-menu,createanewRateControl&QueuingPolicy.Namethisnewratecontrolpolicyandchoosewhatlimitstoapplytoallvoicetraffic.Notethatweightedroundrobinsettingsdefineforwardingpriority,withtrafficlabeledas“Strict”immediatelyforwarded—andthusprioritized.
4. Finally,selectthe“ClientClassificationPolicy”sub-menuandcheckthe“Enableuserprofilereassignmentbasedonclientclassificationrules”checkboxtoensurethatthispolicyisappliedtospecifictypesofdevices—inthiscase,iPhones.Select“iPhone”fromthe“OSObject”pull-downmenu.
Meraki, Inc. | 660 Alabama St, San Francisco, CA 94110 | (415) 432-1000 | [email protected]
Out-of-the-box BYOD control
• Integratedlayer7devicefingerprintingclassifiesalldevicesconnectingtoyournetwork,andallowsyoutoautomaticallyapplygrouppoliciesbydevicetype
• Google-likesearchimmediatelyfindsclientsbyseveralvariables,includingOSandmanufacturer
• Real-timevitalstaticsdisplayedforeachclient
• Drilldownintoindividualdevicestogetspecificsonbandwidthconsumption
• Layer7trafficshapingandfirewallruleseasilyallowspecificapplicationslikeFacebookorBitTorrenttobethrottledorblocked
Licensing&SupportMeraki
Merakiwirelessincludesallfeaturesinasinglelicense,and24x7techsupportisincludedatnoadditionalcharge.Licensesareavail-ablein1,3,5,7,and10yearterms.
Aerohive
Aerohivelicensesareavailablein1,3,and5yearterms.Supportisnotincluded,andavailableeither8x5or24x7foranadditionalchargeperAP.
Meraki’s Layer 7 application and device visibility provide deep contextual insight into to client-specific usage.
Meraki, Inc. | 660 Alabama St, San Francisco, CA 94110 | (415) 432-1000 | [email protected]
CommonQuestionsHow are firmware and dashboard updates handled?
Whennewdevicefirmwareisavailable,customersreceivenotificationemailsanddashboardalerts.Toproceedwithupdates,customerssimplyscheduledeliveryinthedashboard—ortheycandelayoroptoutofupgradescompletely.Wirelessmeshconfigurationsrequirenoadditionaloversightforsuccessfulupdates.NewfeaturesareautomaticallyintegratedintotheMerakidashboardatregularintervals.
What if the connection to the cloud goes down?
TheLANstillfunctions;clientscanstillroambetweenAPsandaccesslocalresourcessuchasprintersandservers.Firewallandtraffic-shapingpoliciesarestillenforced.Wirelessmeshroutingstillworks.TheMerakidashboardandtheabilitytomakeconfigurationchangesaretemporarilyunavailable.
How reliable is the cloud?
Meraki’scloudprovidesa99.99%guaranteeduptimeSLA.Ourservicesareco-locatedintier-1,SSAE16certifieddatacenters–replicatedacrosstheworldforredundancy.Seemeraki.com/trustformoredetails.
How large can Meraki technology scale?
Merakiisdeployedinthelargestcloudnetworkingdeployment,supportingover10,000devicesacrossmorethan600Motel6locations.Supportingnewbranchlocationsiseasywithself-provisioningAPs,theabilitytoquicklycopysettingsfromonenetworktoanother,networktagging,andtheabilitytomanageallofdevicesfromasinglepane-of-glass.
ThousandsofSatisfiedCustomers
Free evaluations available at meraki.com/eval