What are the needs of an enterprise WiFi management system? What is a better way of deploying this? Is a centralized mode with a cloud based management the best way to a hassle free enterprise management?
JustiFi attempts to address these requirements in the following ways.
Single Point of Connection to the Wired Network – Since the client traffic is analyzed by the agent and the cloud based management layer takes the decisions away from the routers it is extremely easy to apply security policies, FUP, bandwidth control (QoS) rules etc to the wireless users on a zone basis.
Simplified policy – Enterprise network policies are the core of an enterprise network, which decodes how the network is used, utilised, performing, how qos, fup etc rules are applied and permissions enforced/revoked. In a traditional network, this was achieved by the use of a 5 tuple based mechanism, which was overemphasizing the dependence on IP address which was restricting mobility as a result (Since IP address is being used to identify a user and its location in the network).
The Software defined Network and SD Access in combination with the programmable routers as well as the WLAN Controller simplify this regime by separating policy definitions from the network constructs. Since policies can be defined irrespective of devices or IP or user, the zone based networking and policies help improve the mobility. Using the zone based networking, we can isolate and classify various zones with independent of each other policy which in practical world can be applied to various floors or departments or various organizations in a co working place without the need of expensive networking equipment, including Openflow switches and openflow or other SDN supported routers that may cost hundreds of thousands of dollars depending on the number of ports that are SDN enabled.
Public WiFi – The same mechanism helps in rolling out a public wifi or commissioning a guest network either temporarily or permanently without costing much on the commissioning. SD-Access Wireless architecture provides a way to segment the network without complicated technologies and also offers a way to stretch the client subnet without extending the same VLAN everywhere. The entire SD-Access fabric appears to the endpoints as if it were one big switch or one large roaming domain. This architecture optimizes the data plane because the data is distributed.
Branch Office Connectivity – Branch offices are usually connected across an uncontrolled and unreliable WAN link and inherently prone to the constraints of the WAN. JustiFi gives the branch offices and central offices a facility to look at a combined view of all the office networks and decide about policies based on branch basis, zone/department basis or floor basis as the need be. The data is still distributed at each branch office, avoiding a single point of failure while, the control is centralised (optionally, distributed as well for better manageability). The architecture simplifies the on-boarding of a new branch as everything is automated and hence even a non/semi technical person can easily handle this, without being dependent on an expensive network admin – person/firm.
JustiFi is an Enterprise Class feature-rich solution that provides the ability to run the WiFi controller function on chosen Access Points. It is well suited for small and mid-sized businesses with any number of access points. It is designed around configuration simplicity and an easy-to-use interface to allow for over-the-air management and Day 0 seamless deployments. As more applications, users, devices, and services come onto the network, the growing complexity of ensuring that they all receive the appropriate level of service becomes a challenging and expensive task. Reducing complexity and the associated cost are centered around automation. For network administrators, automation means having an opportunity to minimize mundane operational activities and play a more strategic role in the business; for the company, automation ultimately results in increasing speed to market and lowering of operational costs.
JustiFi facilitates the following benefits through its automated approach
•Agility: Reduce the time required to design, deploy and/or optimize the wireless network. The wireless administrator can quickly create a hierarchical site structure for each specific wireless deployment. JustiFi flow makes it extremely easy to then define settings (zone, policies, QoS, FUP, device credentials, network settings, etc.) and apply them globally or specifically to a site, branch or zone. This helps ensure consistency of configuration at scale.
•Reliability: Automation brings reliability by streamlining the configuration flow and provides consistent deployment of prescriptive “best practices”. For example, when defining an SSID, the administrator has to specify only a few important parameters; all the key best practice configurations are automatically applied in the background.
•Simplification: JustiFi minimizes the management touch points. For example, the administrator uses a single pane of glass to define the desired policy between groups of wireless users and the resulting policies are configured automatically.
•Abstraction: JustiFi uses easy-to-understand concepts and constructs that abstract out the underlying feature and technology implementation specifics. If an SSID has to be broadcast only at a specific site/zone, the administrator does not need to deal with constructs such as WLAN IDs and AP Group, but simply assigns the SSID and APs to that site/zone, and the intent is translated to configurations automatically at the WLC.
•Provisioning: In enterprise environments, initial network device setup is often done at a central staging area where the network admin installs the target system image and applies a basic standardized configuration. Once the device reaches its intended location, a skilled person completes the installation and applies the final configuration. This process is time-consuming and expensive, error-prone and not very secure. Also this is not mostly affordable by small and medium enterprises where an expensive and mostly a proprietary technology aware admin has to be employed for mundane IT tasks and maintenance and upgrade works. This also calls for isolated branch office networks where individual admins have to be employed or there is a delay in configuration and control due to the availability of a local admin. JustiFi simplifies the admin jobs most intuitively as well as in a simplified manner.
The Wireless Controller as well as the Access Points are pre aligned to the needs of such small and medium multi branched enterprises, and the rest of the configuration is always quickly achievable by simple, non technological app and portal interfaces that such enterprises don’t need an admin at all, hence saving on the expenses as well as making the network free from the clutches of complicated technology, expensive admins and proprietary equipment that make the SME owners’ lives miserable, without compromising on the network security, monitoring and better command & control. Upgrading, re-configuring of many Access Points is a cumbersome task which JustiFi minimizes by its centralized app/portal interface where there is no need to separately logging, configuring and remembering individual configurations of Access Points. Such configuration and control can be as simple as changing the SSID names or their password or encryption types or as complex features as changing the channel or changing the channel width to affect better throughput by realigning the performance in case of a highly signal interfering environment. Some areas like public WiFi, factories or warehouses etc can be crowded with the same enterprises’ Access Points themselves that could cause interference to other APs owned by them. JustiFi installation process will quickly point out such interference and helps to quickly realign to avoid such collisions which could result in huge data rate losses.
•WAN failover and Load balancing: It is necessary to make sure that the backbone connection of the enterprise wireless network is always available. The Wireless LAN Controller always checks for the available WAN connections and indicate to the admin if there is any loss of connection by an alert SMS to the registered mobile number. While the connection is restored, another LINK RESTORED message is sent to the admin to ensure that the admin is aware of the connection fluctuations on the WAN. While the LAN traffic is distributed over the WAN by always looking at the load, when a WAN link goes down, the load is again equally distributed among the available WANs, thus if one WAN fails, the other available WANs do not only provide back up but also balance and distribute the load equally.
•Option for Single Sign On: When multiple branches are connected and aggregated, there is an option to make a Single Sign On for all branches so that a single admin could remotely manage all branches through an app that presents to him all the branch networks. SSO is kept optional so that if an enterprise wants to separate its branches and hand over to different admins to manage those that is also possible.