Tunneled Node for Campus Switches
Simplicity is core to our Aruba Mobile First architecture. So is security. So when our development team comes up with a new feature that delivers both, we get excited because we know it will be a win for our customers. Tunneled Node for wired switches is what I am talking about, so keep reading to learn more.
Just the basics please
In a traditional wired campus network, access switches have the job of forwarding user traffic to and from distribution switches. In flatter, two-tier networks, they forward it directly to and from a core switch. Our Aruba wireless solution uses a mobility architecture, which encapsulates a user’s wireless traffic between the access points and mobility controllers using tunnels. We have now applied this tunnel concept to our wired switches with a new feature called Tunneled Node, which is available, license free, in the ArubaOS-Switch 16.02 release.
Per-port Tunneled Node for Aruba switches provides a separate tunnel to transport network traffic on a per-port basis to an Aruba Controller. Authentication and network policies are applied and enforced at the Controller, just as they are for APs.
Why
The main purpose of Tunneled Node is to use the controller as a unified policy enforcement point for traffic from both wired and wireless clients. Using a unified policy simplifies policy management and ensures consistent access and permissions. It delivers the following benefits:
How it does it
- A single GRE tunnel transports all traffic to and from ‘tunneled’ interfaces.
- Traffic from other interfaces is forwarded normally by the switch.
- Management and control traffic is not tunneled.
Which Aruba switches support Tunneled Node?
Using the ArubaOS-Switch 16.02 software release, the following switches support per-port Tunneled Node:
- Aruba 2920 Switch Series
- Aruba 2930F Switch Series
- Aruba 3800 Switch Series
- Aruba 3810 Switch Series
- Aruba 5400R Switch Series
Source: Airheads Community