FULL STACK MANAGEMENT
PROVISION AND DEPLOY THOUSANDS OF UNIFIED DEVICES WITH EASE.
SD – Software-Defined
WAN – Wide Area Network
LAN – Local Area Network
VPN – Virtual Private Network
MPLS – Multi-Protocol Label Switching
LTE – Long-Term Evolution
IPsec – Internet Protocol security
RTT – Round-Trip Tim
3. SD-WAN – HQ-LIKE REMOTE NETWORK ACCESS
FULL STACK MANAGEMENT
PROVISION AND DEPLOY THOUSANDS OF UNIFIED
DEVICES WITH EASE
LINK QUALITY MONITORING
CONTINUOUS WAN LINK STATE CHECKING
DYNAMIC PATH SELECTION
PER PACKET BEST PATH ROUTING
USER AND APP OPTIMIZATION
ROUTING GROUPS DEFINE LINK PRIORITIES FOR USERS
AND APPS
IDENTITY-BASED SECURITY POLICIES
PRIORITIZE, RESTRICT, AND BLOCK TRAFFIC TYPES
4. SD-WAN COMPONENTS
XR200P
ROUTER
VIRTUAL
VPN GATEWAY
HIVEMANAGER
CLOUD MGMT
Cloud-managed secure SD-
WAN router for secure and
reliable enterprise
connectivity at remote
locations
VMware-appliance
specifically designed to
terminate route-based
Layer 3 IPsec VPN tunnels
from Aerohive SD-WAN
routers
Cloud management for SD-
WAN/SD-LAN unified
networking provisioning,
monitoring, and
troubleshooting
5. XR200P – AEROHIVE’S FIRST SD-WAN ROUTER
2 x PoE PORTS 30W TOTAL
(.3af and .3at PSE)
USB PORT
4 x 10/100/1000-Mbps
ETHERNET LAN
3 x WAN PORTS
(1 FIXED + 1 ETH + LTE VIA USB)
CONSOLE
PORT
200 Mbps FW
100 Mbps VPN
UP TO 2 VPN TUNNELS
PER WAN
6. SD-WAN - IDENTITY-DRIVEN ACCESS & OPTIMIZATION
IOTGUESTCORP
APPLICATION TRAFFIC
OPTIMIZATION
IDENTITY-DRIVEN
POLICY ENFORCEMENT
LINK STATE
MONITORING
PRIORITIZE, DIRECT, RESTRICT,
AND BLOCK APPS
END-TO-END SD-LAN/SD-WAN USER
CONTROLS AND OPTIMIZATION
DYNAMICALLY SHAPING PERFORMANCE BASED
ON BACKHAUL OPERATIONAL STATE
SD-WAN
SD-LAN
PRIMARY SECONDARY TERTIARY
BUSINESS LINE BROADBAND LTE
7. TRAFFIC ISOLATION
SECURELY DIRECT TRAFFIC
BETWEEN VIRTUAL
GATEWAY
USER-BASED ROUTING GROUPS
USER ROUTING
GROUP
UNFIFIED POLICIES
ASSIGN LINK PRIORITY PER USER
GROUP
PRIORIT
Y
LINK
1 MPLS
2 BROADBAN
D
3 LTE
PRIORIT
Y
LINK
1 BROADBAN
D
2 LTE
3 N/A
PRIORIT
Y
LINK
1 BROADBAN
D
2 MPLS
3 N/A
SD-LAN TO SD-WAN
MAPPING
PER PACKET
ROUTINGUSER LINK VARIES BASED ON LINK
PERFORMANCE
CORPORATE
GUEST
IOT
8. APPLICATION-BASED ROUTING
PRIORIT
Y
LINK
1 MPLS
2 BROADBAN
D
3 LTE
PRIORIT
Y
LINK
1 BROADBAN
D
2 LTE
3 N/A
COLLABORATION OTHER APPS
DEFINE APPLICATION GROUP ROUTING
POLICIES
OPTIMIZE APPLICATION TYPES
BLOCK OR RESTRICT APPLICATION USAGE
DYNAMIC LOAD BALANCING WITH LINK PERFORMANCE
MONITORING
9. LINK MONITORING & DYNAMIC PATH SELECTION
MULTI-PATH LINKS
DYNAMIC
SWITCHING
CONTINUOUS VPN TUNNEL LINK QUALITY MONITORING:
MEASURING UP-DOWN STATE / ROUND TRIP DELAY / JITTER / LINK
UTILIZATION
DYNAMIC PATH SELECTION BASED ON REAL-TIME LINK QUALITY
PER PACKET DECISION MAKING
12. MULTI-SITE ROLLOUTS RADICALLY SIMPLIFIED
CONFIGURE THOUSANDS OF DEVICES IN MINUTES:
DEVICE AUTO ONBOARDING AND PROVISIONING
TEMPLATE-BASED POLICY MANAGEMENT
REMOTE CLOUD MANAGEMENT MONITORING AND TROUBLESHOOTING TOOLS
13. SD-WAN VS. TRADITIONAL BRANCH ROUTING
FEATURE AEROHIVE
ROUTING
AEROHIVE SD-WAN
UNIFIED MANAGEMENT X X
IP ADDRESS MANAGEMENT X X
ZERO-TOUCH PROVISIONING X X
IPSec VPN X X
STATEFUL FIREWALL X X
USB MODEM SUPPORT X X
USER-BASED ROUTING POLICIES X X
APP-BASED ROUTING POLICIES X
SD-WAN ROUTE GROUPS X
LINK STATE MONITORING X
DYNAMIC PATH SELECTION X
14. AEROHIVE SUMMARY
CLOUD-MANAGED ACCESS NETWORKS
SELF-ORGANIZING
WI-FI
ADAPTIVE
ROUTING
UNIFIED
SWITCHING
IDENTITY-DRIVEN
ACCESS
ANALYTICS
& INSIGHTS
SIMPLIFIED
MANAGEMENT
SD-LAN + SD-WAN
ADAPTABLE WIRED AND WIRELESS ACCESS
NETWORKS
CLOUD MANAGEMENT
SIMPLIFIED UNIFIED MANAGEMENT FOR THOUSANDS
OF DEVICES
IDENTITY-DRIVEN ACCESS & OPTIMIZATION
USER, DEVICE, & APPLICATION SECURITY & PERFORMANCE
ANALYTICS & INSIGHTS
NEW DATA SETS FOR MONITORING,
TROUBLESHOOTING, AND NETWORK OPTIMIZATION
PUBLIC &
PRIVATE
CLOUD
NETWORKING