Aruba Networks Version 3.3 manual Small Network Deployment, Alternative Deployment Architectures

Page 71

Appendix C

Alternative Deployment

Architectures

This Campus Wireless LAN Reference Architecture represents a large scale, highly available WLAN deployment model in a single large campus environment. While this is the recommended deployment for this environment, there are other reference architectures that are considered best practices at different scales, and for different types of customers. Aruba has identified four specific reference architecture models in addition to the Campus WLAN that are commonly deployed by our customers.

zSmall Deployment (No Redundancy)

zMedium Deployment (1:1 Redundancy)

zBranch Office (N+1 Redundancy)

zPure Remote Access (1:1 Redundancy)

Each of these scenarios will be covered briefly in the following sections. All of these architectures include a concept of an Aggregation layer and a Management layer as well as discussion of available redundancy options and controller placement. The recommendations for VLANs, profiles, and AP placements are the same as for the Campus WLAN for the most part.

Small Network Deployment

In a small office the network will look much like the Proof-of-Concept design in Chapter 3 on page 15, with a single Mobility Controller and a limited number of APs and AMs. This type of WLAN deployment is typically specified where the WLAN is a convenience network that is not relied upon as the primary connection by users and voice services are not present.

In this scenario the Management layer and Aggregation layer are contained within the same controller, and there is no redundancy. Should the Mobility Controller become unreachable, all APs will go down and the wireless network will be unavailable until the Mobility Controller is once again online.

In this scenario, the Mobility Controller is typically deployed in either the network data center or in the wiring closet. The choice is typically dependent on the physical size of the network and Power-over- Ethernet (PoE) requirements. In a larger physical network that is deploying WLAN in hotspots, the Mobility Controller should be located in the data center. In very small networks where PoE from the controller will also power the APs, the Mobility Controller should be located in the wiring closet. Both options are shown in the following diagrams.

Campus Wireless Networks Validated Reference Design Version 3.3 Design Guide

Alternative Deployment Architectures 71

Image 71
Contents Campus Wireless Networks Validated Reference Design Version Crossman Avenue Sunnyvale, California Phone Fax Contents Chapter RF Planning and Operation Introduction Aruba Reference ArchitecturesReference Documents Contacting Aruba NetworksTelephone Support Aruba’s User-Centric Network Architecture Understanding Centralized Wireless LAN NetworksCentralized Wlan Model Introducing Aruba’s User-Centric NetworkArubaOS ArubaOS and Mobility ControllerMobility Controller Air Monitor Multi-function Thin Access PointsAccess Point Aruba’s Secure Enterprise Mesh Network Mesh Portal or Mesh PointRemote AP Mobility Management SystemMobility Management System Proof-of-Concept Network PoC Network Physical DesignVlan PoC Network Logical and RF DesignProof-of-Concept Network Proof-of-Concept Network Campus Wlan Validated Reference Design Aruba Campus Wlan Physical ArchitectureAruba Campus Wlan Logical Architecture Data center ManagementMaster Campus Wlan Validated Reference Design Understanding Master and Local Operation Mobility Controller Access Point DeploymentMobility Controller High Availability Master Controller Redundancy Local Controller Redundancy Second Local controller has an opposite configuration Vlan Design Do Not Use Special VLANs Do Not Make Aruba the Default RouterVlan Vlan PoolsVLANs 10, 20, 30 User Mobility and Mobility DomainsMD1 ArubaOS Mobility DomainMaster Controller Placement Mobility Controller Physical Placement and ConnectivityMobility Controller and Thin AP Communication AP Placement, Power, and ConnectivityLocal Controller Placement Office Deployment AP Power and ConnectivityAP Location and Density Considerations Active Rfid Tag Deployment Voice DeploymentRequired Licenses Configuration Profiles and AP GroupsMobility Controller Configuration Configuration ProfilesAP group Profile TypesProfile Planning SSIDs, VLANs and Role DerivationAP Groups VLANs SSIDsRole Derivation Secure Authentication MethodsAuthenticating with Corporate Authentication Methods for Legacy Devices Authenticating with Captive PortalEmployee Role Configuring Roles for Employee, Guest and Application UsersGuest Role Create a bandwidth contract and apply it to an AP group Create the block-internal-access policy Modify the guest-logon role Device Role Wireless Attacks Wireless Intrusion Detection SystemRole Variation by Authentication Method Rogue APs Page Mobility Controller Configuration RF Planning and Operation RF Plan ToolAdaptive Radio Management Page Minimum Scan Time Sec WMM and QoS Voice over Wi-FiQuality of Service Voice-Aware RF Management Voice Functionality and FeaturesTraffic Prioritization Network Wide QoSComprehensive Voice Management Voice over Wi-Fi LAN / WAN Controller Clusters Mobility Management SystemMultiple Master/Local Clusters Page Multiple Master/Local Clusters Licenses Appendix aLicenses Wlan Extension with Remote AP Appendix BWlan Extension with Remote AP Alternative Deployment Architectures Small Network DeploymentMobility Controller located in the network data center Medium Network DeploymentBranch Office Deployment Corporate data center DMZ Pure Remote Access Deployment