Aruba’s SD-Branch hooks SD-WAN, wired and wireless networks together


Adam Shepherd

19 Jun, 2018

Aruba has designed a new software-defined networking (SDN) tool to allow multi-site customers to manage their networking in a simpler and more streamlined way.

The HPE-owned company’s new SD-Branch links SD-WAN, wired and wireless networking infrastructure together, routing them all through Aruba’s new Branch Gateways so they can be managed and controlled through the cloud-based Aruba Central management platform.

In addition, the inclusion of Aruba’s ClearPass policy manager means network policy can be created and enforced remotely and automatically, without administrators having to manually provision equipment or conduct on-site maintenance. For Aruba, the aim is to help businesses cut out inefficiency, speed up deployment and reduce networking complexity.

“First and foremost, this software-defined branch solution and architecture significantly increases IT’s ability to respond in real time to the business’s need to be agile,” Aruba’s Lissa Hollinger said at HPE Discover 2018 yesterday, citing the fact that many customers have 10 to 12 IT staff managing up to 3,000 branches.

“You can imagine how complex that is if you don’t have a centralised way to automate deployment and provisioning and monitoring, so this significantly increases IT’s ability to be agile and to focus on more strategic initiatives as opposed to just keeping the lights on,” she added.

Simple, zero-touch provisioning is another key benefit of the service, and vice-president and general manager of Aruba’s cloud and SD-Branch division, Kishore Seshadri, noted that this is a critical feature for many customers.

“If you own a thousand cafes or a thousand restaurants, and you want to deploy these solutions,” he explained, “previously you could do this across two or three years – now we’re asked to be able to do this in two or three months. You have to assume that there is no technical resource on the ground, there is no IT team on the ground, so it’s just expected that you will ship a device to the location, somebody unpacks it, plugs it in; it just has to work.”

As with any networking technology, security is a critical feature of SD-Branch. Aruba has partnered with network security vendors including Zscaler, Palo Alto Networks and Check Point to offer cloud-based firewall protections, in addition to the Branch Gateway’s built-in firewall and deep packet inspection tools.

The new branch gateway units also offer context awareness, allowing for dynamic traffic optimisation to ensure maximum quality of service for bandwidth-hungry business-critical devices and applications. This also feeds into policy-based routing tools that ensure organisations can specify exactly which services they want to prioritise.

SD-Branch is hardware-agnostic, in that customers do not necessarily need to deploy Aruba’s switches or access points in order to make use of it – although the company claimed that customers may be limited by the features offered by third-party vendors.

In order to deploy the new package, customers will need to be subscribed to Aruba Central, with a headend gateway in their datacentre to manage traffic and a branch gateway unit in each physical location. Prices start at $1,495 each for the physical gateway hardware, as well as $450 in subscription fees per gateway per year.