1. INTL Enterprise Sales Mar 2013
Aerohive Overview
INTL Enterprise Sales Mar 2013

2. Introduction to Aerohive:
Cloud-managed Mobile Networking Company
Cloud (Public & Private), Controller-less Wi-Fi, Routing, VPN, Switching
~$100M annualized run rate
5th fastest growing tech company 07-11
(Deloitte Fast 500 – 44,569% growth)
135% YoY growth ( )
~8000 Customers
~450 Employees
Most Visionary Vendor - Gartner MQ for Wired & Wireless LAN 2012
Cloud Services Platform
Public
Partner
Private
(on-premise)
Branch & Teleworker Routers
Access Switches
Enterprise Wi-Fi
Healthcare
Enterprise
Education
Retail
Logistics

3. New Requirements of the Network Edge
Users want to work anywhere, on any device
You need to enable them, without drowning in complexity $ X
Yesterday Today
Corp deployed enterprise devices
WLAN overlay
Network centric
Monolithic
Corp / BYOD enterprise / consumer devices
Ubiquitous Wi-Fi Access
User Centric
Elastic
Users want to WORK anywhere on any device
You want to let them without drowning in complexity or compromising security, reliability and affordability.
Yesterday
Corp deployed enterprise devices
desktop, laptop, handsets, scanners
WLAN overlay
coverage, convenience, HQ orientated
Network centric
policy based on rigid, port/VLAN & SSID
Monolithic
“Build it and they will come” scalability
Today
Corp / BYOD enterprise / consumer devices
laptop, smart phone, tablet, Apple TVs, “AirPrint” Printers
Ubiquitous Wi-Fi Access
capacity, performance, mission-critical, extended enterprise
User Centric
Consistent policy based on identity, role, context
Elastic
Pay for what you need - leverage the cloud
Aerohive gives you the ability to achieve this simpli-fi-ing enterprise networking by delivering a self organizing, service aware, identity based infrastructure.
Cloud-enabled, self organizing, application aware, identity-based infrastructure
Aerohive Networks - Simpli-fi Enterprise Networking

4. Education Focus – Customer Sample
K-12
Primary
Secondary
College / University

5. Customer Focus - Education
Key Considerations
Aerohive Advantage
1:1 Programs
Mixture of device types
No data bottlenecks
SLA and Dynamic Airtime Scheduling
Capacity
Restrict network access
Secure guest access
Integrated RADIUS, Firewall, WIPS
Captive web portal with PPSK
Security
No single point of failure
Mesh support
Reliability
Downtime costs learning
Simple to use
Visibility of clients
Simple GUI based management
Client health score and TeacherView
Management
Cost effective solution
Ability to scale
No feature licensing
Linear scalability – start small and grow
Scalability

6. Education Deployments
CAMPUS
Virtualized Mgmt & VPN Termination
Primary
Middle School
Guest, Student, Faculty
School deployed / BYOD
Data Center
Guest, Student, Faculty + Carts
Guest, Student, Faculty + Library
High School
Performance, Unified Access Layer, MDM enrollment
Cloud-enabled
Class Room
Apple TVs
Guest, Student, Faculty + Field House
iPad1:1
High School
Teleworker/
Ext. Absence
Faculty, Guests
Work, Home, 4G, Cloud Security
High Density, AD integration, Bonjour, TeacherView
Guest, Student, Faculty + Portable

7. Scalability and future proofing
Distributed (Controller-less) Wi-Fi Architecture Delivering simplicity, reliability and affordability
Management
Management within the network only
Centralized cloud-based or
Local management
Redundancy
Requires multiple controllers
Local data forwarding..what do you lose?
No single point of failure
Self healing mesh architecture
No controller tax
Scalability and future proofing
Controller capacity?
Feature licenses?
No feature licensing
Start small and grow
Distributed intelligence
(FW, RADIUS, CWP, BYOD, Bonjour GW)
Performance
Data bottlenecks
QoS, Spectrum analysis..$$$
No data bottlenecks
Service Level Agreements
QoS & Spectrum analysis included
How does it work?
Architectural Alternatives
Central Vs. Distrib. Control

8. Enterprise Wi-Fi Features
Optimization
Mobility
Distribution
SLA, QoS & Dynamic Airtime Scheduling
Layer 3 Roaming
Load
Balancing
Band
Steering
450Mbps
54Mbps
11Mbps
2.4 GHz
5 GHz
High Powered Radios, Receive Sensitivity & RRM
Layer 2 Roaming
Resilient Mesh
Layer 2/3 Roaming
Receive Sensitivity

9. BYO and Corp Deployed Devices
Access defined by ID & Device
MDM Enrollment
User Profiles
Corp
www
GUEST Policy
DMZ
FW = Web Only, Limited Apps
1Mbps per user
M-F 9am-5pm
BYOD Policy
Restricted VLAN
FW = & Web, Permitted Apps
5Mbps per user
M-F 8am-9pm
CORP Policy
Corp VLAN
FW = LAN & Web Approved Apps
10Mbps per user
Approved Apps get priority
24HR Access
MDM
Quarantine
Enroll
L2-7 Firewall
OS Detection
Bonjour Gateway
CWP
PPSK
RADIUS
Guest user
Corp user - BYOD
Corp user L7
BYOD & MDM
Bonjour GW

10. Security and Authentication Features
Captive Web Portal
Wireless Intrusion Prevention
Multiple CWPs able to serve scalably from every AP
WIPS
Private PSK
Stateful L2-L7 Firewall
MAC (L2) based firewall
Stateful TCP/IP firewall (L3/L4)
L7 App Visibility & Enforcement
ALGs for DNS/FTP/SIP
Policy Based Client Isolation
Multiple users, same SSID - easy but unique revocable keys
Directory Integration
Remote Site Content Security
Authentication support for common directory servers
Eliminates standalone RADIUS server
Credential caching for remote/branch survivability

11. Routing, VPN and Switching features
Cloud-enabled Networking
Unified Wired & Wireless Mgmt
Wi-Fi
Wired
Routing / FW
VPN
Same Policy and Network
Address/L3 Service
PoE-PSE, 3G/4G USB
PoE
PoE
3G/4G
L2 & L3 IPSec VPN
Robust Voice Support
SIP/SCCP/Spectralink support
Voice Enterprise (Q1)
Detection of IP phone OS
802.1X/Access control
Dynamic QoS for voice traffic
Branch on Demand

12. Monitoring and Reporting Features
Manage
Cloud
Management
Simple
GUI
Monitor
Topology &
Location Tracking
PCI
Compliance
Support
Client Monitor & Packet Capture
Spectrum
Analysis
Management Views

13. Less Infrastructure Costs Less Operational Costs
Reduced Capex and Opex
Less Infrastructure Costs
Cloud Management
Less Operational Costs
Zero Touch Provisioning
Client Health Score
Self Healing
Client Health Score

14. Aerohive Platforms * $99 $449 $649 $999 $1499 BR100 AP110 AP121 AP141
Indoor
Indoor Industrial
Outdoor
1-Radio b/g/n
1-Radio n
Dual Radio n
1x1:1
65 Mbps Radio
2x2:2
300 Mbps Radio
2x2:2
300 Mbps High Power Radios
3x3:3
450 Mbps High Power Radios
2x2:2 300 Mbps 11n High Power Radios
N/A
TPM Security Chip
5X Fast.E
1X Gig.E
2X Gig.E
1X Gig.E
N/A
PoE (802.3af at) and AC Power
PoE (802.3at)
N/A
Plenum Rated
Plenum & Dust Proof
Water Proof (IP 68)
0 to 40°C
-20 to 55°C
-40 to 55°C
N/A
USB for future use
USB for 3G Modem
N/A
$99
$449
$649
$999
$1499
*BR acting as AP does not support WIPS, DFS (no 5Ghz radio), RADIUS proxy or server, SNMP, locationing or TeacherView

15. Aerohive Routing Platforms*
Cloud VPN Gateway
BR100
BR200 WP
AP330
AP350
Single Radio
Dual Radio
L2 & L3 IPSec VPN Gateway (VMware)
1x1 11bgn
3x3:3 450 Mbps 11abgn
5-10 Mbps FW/VPN
30-50Mbps FW/VPN
~500 Mbps
VPN
ADD CLOUD VPN GATEWAY (CVG)
5X 10/100
5X 10/100/1000
2X 10/100/1000 Ethernet
1000 Tunnels
0 PoE PSE
2X PoE PSE
0 PoE PSE
2 Virtual Interfaces
~ Users
~ Users
~ Users (as a router)
$99
$699*
$999
* Also available as a non-Wi-Fi, non PoE device - $499 (BR200)

16. Aerohive Switching Platforms
SR2024
SR2124P
SR2148P
24 Gigabit Ethernet
48 Gigabit Ethernet
8 Ports PoE+ (195 W)
24 Ports PoE+ (408 W)
48 Ports PoE+ (779 W)
4 Ports 1G SFP Uplink
4 Ports 10 Gigabit SFP/SFP+ Uplink
Routing with 3G/4G USB support and Line rate switching
56Gbps switching
128Gbps switching
176Gbps switching
Single Power Supply
Redundant Power Supply Capable
$1799
$2599
$3999
Available Mid 2013

17. Aerohive software platforms
SW Config, & Policy, RF Planning, Reporting, SLA Compliance, Guest Management, Trouble Shooting, Spectrum Analysis
HiveManager Online
Scalable multi-tenant platform, Redundant data centers with diversity, Backup & Recovery, Zero touch device provisioning, Flexible expansion, On demand upgrades, Pay as you grow
HiveManager Virtual Appliance
VMware ESXi, HA redundancy
15,000s APs with specified configuration
HiveManager Appliance – 2U
Redundant power & fans, HA redundancy, APs
HiveManager Appliance – 1U
HA redundancy, 500 APs
StudentManager
VMware ESXi
Up to 50,000 students

18. Aerohive Networks A single architecture for the network edge
Cloud-enabled, self organizing, service aware, identity-based infrastructure
Aerohive Networks - Simpli-Fi Enterprise Networking
Unified policy and security mgmt, from the cloud
Wi-Fi
Wired
Routing / FW
VPN
Same Policy and Network
Identity & Context Aware e.g. Network firewall on the router knows identity & role of the clients on APs
Service Aware e.g. AP know the Bonjour services to advertise across the L3 enterprise boundaries
Users want to WORK anywhere on any device
You want to let them without drowning in complexity or compromising security, reliability and affordability.
Yesterday
Corp deployed enterprise devices
desktop, laptop, handsets, scanners
WLAN overlay
coverage, convenience, HQ orientated
Network centric
policy based on rigid, port/VLAN & SSID
Monolithic
“Build it and they will come” scalability
Today
Corp / BYOD enterprise / consumer devices
laptop, smart phone, tablet, Apple TVs, “AirPrint” Printers
Ubiquitous Wi-Fi Access
capacity, performance, mission-critical, extended enterprise
User Centric
Consistent policy based on identity, role, context
Elastic
Pay for what you need - leverage the cloud
Aerohive gives you the ability to achieve this simpli-fi-ing enterprise networking by delivering a self organizing, service aware, identity based infrastructure.
Aerohive Networks where increased performance and capacity does not mean increased complexity!

19. Thank you!

20. Wired and wireless Infrastructure 2012 MQ Aerohive is a Visionary!
A Magic Quadrant Visionary for wired and wireless Infrastructure
The strongest “completeness of vision” in the quadrant (the farthest to the right)
An innovation leader with products such as its Bonjour Gateway and its cooperative control architecture, which eliminates the need for a dedicated controller and provides a cost competitive solution without sacrificing functionality.
Aerohive should be considered for any overlay WLAN enterprise opportunities in North America, Western Europe or Australia/New Zealand, especially in the education, healthcare and retail markets.
Its controller-less, mesh-based architecture provides an easy-to-use and robust solution with lower operational costs, which makes it a standard bearer for market pricing of equivalent functionality.

21. How does it work?
HiveManager NMS
Reporting
Heat Maps
SLA Compliance
Policy Configuration
Wireless
Network
Wired
Network 
With Cooperative Control, clients can securely and seamlessly roam across the WLAN
With a second HiveAP, fast stateful roaming, cooperative RF, station load balancing and seamless resiliency are enabled
Cooperative RF power levels minimize co-channel interference
As more HiveAPs are added, coverage, reliability and backhaul bandwidth increases
Mesh networking and best path forwarding can be used for extra resiliency and reachability
Dynamically reroutes around failures
HiveAPs are discovered, policy is pushed and the WLAN is operational
HiveManager is a single mgmt interface for configuration, OS updates & monitoring of thousands of devices
A single HiveAP by itself acts as a full-featured enterprise class access point
Identity-based security, including stateful inspection FW, rogue detection & mitigation
Airtime Scheduling, SLA compliance and local forwarding implemented at the edge
Dynamic best path forwarding and stateful roaming provides resiliency without a single point of failure
With Cooperative Control, clients can securely and seamlessly roam across the WLAN
And now I’d like to take you through a brief example of how you can deploy this technology into your enterprise network. On the right of your screen you see a simplified enterprise switch topology, with four access layer switches and two aggregation switches. We can start by bringing in a single HiveAP into the network infrastructure and connecting it to one of the switches.
The single HiveAP by itself acts as a full-featured enterprise-class access point -- robust functionality with the identity-based security and quality of service, and local forwarding at the edge of the network. When you bring in a second HiveAP, they are joined together in a hive, and then you start to see the power of the cooperative control architecture.
They work together to implement fast, stateful roaming, cooperative RF control, station load balancing, and provide seamless resiliency. For example, on your screen you can see the circles around the two access points are of different colors. Those represent the channels, the access points are working on.
There are channel negotiation protocols that work together to make sure they’re running on separate channels. The access point that the laptop is connected to has taken the user state and the keys and has shared that with the next top neighbor, so that next top neighbor is able to implement predictive roaming.
So when the laptop moves, he will roam seamlessly to the next top neighbor, with roam times well under 50 milliseconds, because his state and security has been pre-populated at that access point. We can also implement mesh networking and best path forwarding for extra resiliency and reachability. The mesh networking protocols will dynamically re-route around network infrastructure failures.
For example, on your screen you can see the two access points are connected together with a mesh link. The red X shows that the switch has failed, but the mesh routing protocols will route the traffic around the switch failure and will allow applications to continue uninterrupted even in the event of a LAN infrastructure failure.
The network can be seamlessly scaled by simply adding more HiveAPs as needed, as you need more coverage, you want more reliability or more back-haul bandwidth into the network infrastructure. You don’t have to worry about capacity planning up front because there were no fixed constraints around your controller capacity.
In this topology, four of the HiveAPs are wired directly into the Ethernet network, what we call portals, and one of the HiveAPs on the bottom left is wired as a mesh node, where the cell phone is connected to. With a more complex topology like this, we now have many more access points, and many of them are running on the same channel.
To eliminate co-channel interference, the cooperative control auto power level adjustment features kick in and power levels are adjusted to provide maximum coverage with minimal co-channel interference, allowing the system to give you the most robust wireless infrastructure possible.
With a more complete deployment like this, with more nodes and more alternative routes through it, you have even higher levels of resiliency. You can recover from multiple failures in your wired or wireless infrastructure.
As we’re showing here, we have had two switch failures and a wireless LAN access point failure, and the traffic is still routed around through multi-hop mesh into the network infrastructure, providing unprecedented levels of resiliency. And not only does the cooperative control architecture provide these functionality advantages and technological advantages, but it provides substantial economic advantages when deploying a wireless LAN.  

22. Architectural Alternatives
Redundant Centralized Data Forwarding & Control
Fully Distributed Forwarding & Control
NMS
WAN HQ
Controller
NMS
WAN HQ
High Performance Highly Reliable & Cost Effective
Controller 
More Reliable But Expensive
Authentication
Auto RF
L2/L3 Roaming
QoS
WIPS / Rogue Detection  $
Controller
Reliability
Centralized Data Forwarding & Control
Distributed Forwarding with Centralized Control
NMS
WAN HQ
Controller 
NMS
WAN HQ
Controller
Controller
Controller  Or
Controller
Controller in the Data Center
Controller in the Cloud 
Authentication
Auto RF
L2/L3 Roaming
QoS
WIPS / Rogue Detection
Controller Failure = WLAN Failure 
Loss of control means they become expensive Fat APs
Performance & Cost Effectiveness

23. Centralized versus Distributed Control
Shared Control Plane Processing
Parallel Control Plane Processing
Over Provisioning
(Pay too much)
Processing & Cost
Scalable Processing
(Pay for what you need)
Under Provisioning
(Impact Performance)
Physical Controller (Virtual Controller)
( )
Control Functions
User Authentication
Role-based Access Control
Captive Web Portal and Guest Access
Self-Tuning RF Management
Channel selection & power level
Client load balancing & band steering
RF Threat Protection and WIPS
Secure Fast Roaming (L2 & L3)
Voice over WLAN & QoS support
Dynamic Mesh Failover
Cooperative Control

24. User associates and authenticates and keys are distributed
Layer 2 Roaming
RADIUS Server
User associates and authenticates and keys are distributed
AP predicatively pushes keys and session state to one hop neighbors
As client roams and associates with another AP the traffic continues uninterrupted
Roam 24 24

25. Layer 3 Roaming Router Subnet B Subnet A 25 GRE Tunnel
Like Layer 2 roaming the Layer 3 roam predicatively pushes keys to one hop neighbors.
In order to maintain IP connectivity a tunnel is created to home subnet.
Tunnel continues to follow roaming user until sessions end then tunnel is terminated and the user accesses the local network 25

26. Topology Floor Plan View
Global View
“Subnet 2”
“Subnet 3”
Access Point
Client
Rogue AP

27. Dashboard - Network Summary

28. Dashboard - Troubleshooting

29. Dashboard – Application Visibility

30. Single architecture for the enterprise
Cooperative control enables the same functions across multiple devices to work as if they are one device
Network firewall on the router knows identity of the clients on APs?
Switch
Context Aware
Unified policy and security mgmt, from the cloud
Wi-Fi
Wired
Routing / FW
VPN
Same Policy and Network
Service Aware

31. Handling the Client Explosion: RF Guru on the Help Desk?
Client Health Score at a glance…understanding a client’s health.
Client Health Setting -> Environment
High density, performance oriented network -> conference centers/rooms, classrooms, stadiums
Normal density network -> Standard office space, hospitals
Low density, coverage oriented network -> Warehouse, outdoor, hospitality
Automatically Remediate Client & Network Issues
Move Clients
Band steer or load balance clients triggered by low client health score
Airtime Boost
Boosts clients’ airtime if unable to hit performance target

32. Low Power Mobile Devices Demand an Even Better Wi-Fi Infrastructure
Gartner: "Without Proper Planning, Enterprises Deploying iPads Will Need 300% More Wi-Fi”
5 dB
5 GHz dB
2.4 GHz
20 dB
5 dB
5 GHz
8 -10 dB
20 dB
2.4 GHz
HiveAP 330
Typical AP
5 dB
2.4 GHz
10 – 15 dB
The extra 5 dB sensitivity beyond a standard AP can even out coverage for various client types
Better 5Ghz coverage enables 2.4GHz to be preserved for single band devices

33. Huge Questions on Device Ownership and Management
What is the difference between these iPads?
Almost
Everything
Consumerization of IT
Consumer devices qualified, bought and deployed by IT
Replace legacy devices
Lower HW costs
Flexible, powerful
Enable new working models
BYOD
Enable employees to bring their device of choice
Not owned or controlled by IT
Wide range of devices
Driven by employee satisfaction and shifting of CapEx spend
Embrace
MDM Agents on Devices
More App Flexibility
Contain
Network-based MDM
Secure Apps Only (e.g. VDI, Citrix)

34. Solution Scenarios: Network & Agent Based MDM Solutions
Embrace (Consumerization of IT)
Contain (BYOD)
Corp
Corp
www
www
MDM
Quarantine
Enroll
Access
Isolate
Network-based MDM
Enrollment
- CWP, PPSK
- AD integration
Access Control
- Device/OS Type
- Domain Membership
Policy Enforcement
- QoS, Security
- Apps (e.g., VDI only)
Profile-based MDM
Device Mgmt
App Mgmt
Policy Enforcement and Compliance
Force MDM profile install

35. Policy based on Context Identity, Device, Location, Time of Day
CORP Policy
Corp VLAN
LAN & Web FW
10Mbps per user
24HR Access
BYOD Policy
Restricted VLAN
& Web FW
5Mbps per user
M-F 8am-9pm
GUEST Policy
DMZ
Web Only FW
1Mbps per user
M-F 9am-5pm
L2-4 Firewall
OS Detection
RADIUS
PPSK
CWP
Corp user
Corp user - BYOD
Guest user

36. Solution automates MDM Enrollment
Policy Configuration
HiveManager
Administrator specifies JAMF enrollment URL in HiveManager 1
iOS device
Apple device attaches to network 2
Aerohive AP
MDM server
AP queries JSS server: is this a known device? 3
If an unknown device, the device is redirected to JSS Server for enrollment
Click here to enroll your device and begin using the network. . .
Please enroll your device on the following page. . . 4

37. Contain Strategies Enhanced by Service Aware Infrastructure
Strategy
Access to the Right Resources
Corp
www
Bonjour Gateway
Let AirPlay and AirPrint work in the Enterprise
Service aware network
Enable & control service advertisement and discovery across subnets
Guest, BYOD
AppleTV
(AirPlay)
Printer
(AirPrint)
Bonjour

38. Bonjour Gateway – Aerohive & Non Aerohive Networks
Router / L3 Switch
Optionally attach to both subnets for non Aerohive
AppleTV (AirPlay)
Share Services List
Bonjour GW Feature ON
“with filters”
Server:
(file sharing etc)
Printer
(AirPrint)
SSID
“Subnet #2”
SSID
“Subnet #1”
Multi-Vendor – Works in both Aerohive and Non-Aerohive networks
Plug and Play – No requirement for VLAN and Multicast gymnastics
Flexible – Supports bi-directional service advertisements
Efficient – No tunneling, only sends changes in service, with option to filter
Secure and Scalable – Preserves enterprise security & data forwarding methodology
Available for beta Q2; shipping mid year
iPad can
AirPrint or AirPlay
iPad can print and project via AirPrint & AirPlay

39. Branch / Teleworker Options How does an IT organization scale to meet the needs of today’s evolving “Branch”?
SSL VPN
Pros:
Works great for a single client
Cons:
Per-connection licensing
Client for VoIP phones?
No consistent policy
Consumer
Pros:
Inexpensive
Wired/Wireless Support
Cons:
No centralized management
No consistent policy
Traditional
Pros:
Centralized Management with consistent policy
Cons:
Start around $1000
Requires expensive head-end solution
Pre-staging required

40. Deployment Scenarios - Teleworker
Deployment Scenarios – Small Branch
Deployment Scenarios - Teleworker HQ
Cloud VPN Gateway
(VPN Concentration)
3G/4G
Primary/Backup
WAN/VPN Gateway
Cloud Service Platform
Internet
HiveManager Online
Guest
Access
Home Network - Internet Access Only
Corporate Access via VPN & Internet via Cloud Security
Corporate Access

41. Customer Focus - Education
Key Considerations
Aerohive Advantage
1:1 Programs
Mixture of device types
No data bottlenecks
SLA and Dynamic Airtime Scheduling
Capacity
Restrict network access
Secure guest access
Integrated RADIUS, Firewall, WIPS
Captive web portal with PPSK
Security
No single point of failure
Mesh support
Reliability
Downtime costs learning
Simple to use
Visibility of clients
Simple GUI based management
Client health score and TeacherView
Management
Cost effective solution
Ability to scale
No feature licensing
Linear scalability – start small and grow
Scalability

42. Customer Profile - Education
Problem/Requirement
Accommodate an influx of Apple iPAds, iPods and other Wi-Fi devices
Enable students to use the same device in the classroom and at home
A WLAN that was resilient,, centrally administered, easy to manage, secure and cost-effective.
Located in North Carolina, the sprawling Rowan- Salisbury School System is an educational force to be reckoned with. It’s comprised of 35 schools, about 20,000 students, and about 3,000 employees. It’s the largest employer in Rowan County
Solution
“It was probably not the most known product when I first started looking at it. But the more I looked, I thought: this is just a really neat product. And then when we started doing the tests, everything that they said the product would do, it did. It’s just been a great experience for us.”
Phil Hardin
Executive Director for Technology Rowan-Salisbury School System
Aerohive’s controller-less cooperative control Access Points deployed pervasively
HiveManager used to monitor entire wireless network and all client activity
Highly resilient WLAN network that both easy to manage and cost effective
Results
Students and teachers making great strides in using Apple iPads and iPods for everything from data collection to video
“Everything worked flawlessly. We knew then that product, in terms of providing us with the service and the bandwidth, was going to be there.”

43. Customer Focus - Healthcare
Key Considerations
Aerohive Advantage
Voice over IP
Bedside monitoring and telemetry
Full voice support with QoS engine
Location tracking integration
Mobility
Restrict network access
Secure guest access
Integrated RADIUS, Firewall, VPN, WIPS
Captive web portal with PPSK
Security
No single point of failure
Self healing mesh architecture
Reliability
Downtime costs lives
Centralized visibility
RF management
Centralized GUI based management
Spectrum analysis as standard
Management
Cost effectiveness
Ability to scale
No feature licensing
Linear scalability – start small and grow
Scalability

44. Customer Profile - Healthcare
Problem/Requirement
Make electronic medical records applications portable and provide wireless access to Brookdale’s guests and families
Meet compliance standards for secure healthcare environments
A WLAN that offered resiliency, reliability, and performance and at the right price
Largest Assisted Living and Retirement Community Company in the US delivers higher levels of care with Wi-Fi and EMR, and Provides Wireless Internet Access to Residents
Solution
“We found that when we wanted to get into true enterprise wireless, we wanted to reduce costs by not having controllers in place,” Fadrowski said. “In a controller-based solution … to deliver the functionality we required we had to have a controller here in Milwaukee (where the data center resides) and a controller in every community, thus raising costs quite a bit, adding to single points of failure, and having to build in more redundancy and more cost with controller-type systems.”.
Chris Fadrowski
Senior Director of IT Infrastructure
Aerohive’s controller-less cooperative control Access Points
HiveManager NMS provides centralized configuration and monitoring and simplifies provisioning for system-wide policy management
Results
Engineering team has so far purchased more than 1,000 Aerohive APs for about 55 sites.
Brookdale has plans to purchase about 6,000 Aerohive APs over the next five quarters to deploy WLAN’s to all of its 645 communities.

45. Customer Focus - Distributed Enterprise
Key Considerations
Aerohive Advantage
Cost effectiveness
Ability to start small and grow
No feature licensing
Linear scalability – no controllers
Scalability
Restrict network access
Guest access
Integrated RADIUS, Firewall, WIPS
Captive web portal with PPSK
Security
No single point of failure
Branch survivability
Reliability
Downtime costs money
Management
Multiple sites
Centralized cloud based management
Remote sites and teleworkers
BYOD
Cost effective teleworker/branch VPN
BYOD flexible/secure policy enforcement
Accessibility

46. Customer Profile – Enterprise
Problem/Requirement
Foster collaboration and productivity among employees
Reliable support voice over Wi-Fi
Provide a wireless guest network for visitors
Reduce infrastructure costs by deploying wireless
Aerohive met all of our requirements – it was hands down the best in terms of cost and value add,”. “From a cost perspective alone, Aerohive made the most sense because the cost of installing everything is modular with Aerohive. We avoided that big up-front cost you get with the controller-based vendors.”
Eric LeSatz, VP of Technical Operations,
Folio Investing
Solution
Controller-less architecture resulted in significantly lower costs
WLAN reliably handles bandwidth-sensitive applications e.g. voice over Wi-Fi
Users no longer forced to connect and reconnect when moving within buildings
Guests, or employees with personal devices, can securely access the internet
Results
Were able to move headquarters and spend half the money
Folio has also achieved seamless user mobility employees who are now free to move around the office using softphones in order to collaborate on customer issues

47. Customer Focus - Retail
Key Considerations
Aerohive Advantage
SLA and Dynamic Airtime Scheduling
Load balancing and band steering
Performance
Mixture of device types
Payment details secured
Secure guest access
PCI compliance, Firewall, VPN, WIPS
Captive web portal with PPSK
Security
No single point of failure
Self healing architecture
Reliability
Downtime costs money
Multiple sites
Monitor system security
Centralized cloud based management
PCI reporting and security auditing
Management
Cost effectiveness
Ability to scale
No feature licensing
Linear scalability – start small and grow
Scalability

48. Customer Focus – Manufacturing & Distribution
Key Considerations
Aerohive Advantage
Seamless Roaming
Voice over IP
Fast secure L2/L3 roaming
Full voice support with QoS engine
Mobility
Restrict network access
Protect external threats
Integrated RADIUS, Firewall, VPN
Wireless intrusion prevention system
Security
No single point of failure
Self healing architecture
Reliability
Downtime costs money
Multiple sites
RF management
Centralized cloud based management
Spectrum analysis as standard
Management
Cost effective solution
Ability to scale
No feature licensing
Linear scalability – start small and grow
Scability

49. Customer Profile – Retail
Problem/Requirement
Required compliancy with PCI and other security capabilities, including rogue access point detection and mitigation
Needed a solution that is easy to manage without technical staff needing to be present at restaurant locations for trouble- shooting
A solution that could grow with restaurant’s needs
We set up our Aerohive HiveManager network management system and built default templates based on the model of the equipment,” says Stafford. “We were up and running in less than an hour. It was pretty much plug and play.” Once that template was set up we shipped the APs directly to the restaurants. Once the devices were plugged in at the restaurants they automatically received their initial configuration including security settings. This really impressed me because it saved us a tremendous amount of time and money on pre- staging each device.”
Drew Stafford
VP of Information Technology, Macaroni Grill
Solution
Secure access at the restaurants by area directors, who are mobile and constantly different locations
Aerohive’s Private Pre-Shared Key (Private PSK) lets legacy and hard-to-manage wireless LAN clients use strong encryption and authentication
Automated Rogue access point scans
Results
I am completely satisfied with the PCI- compliance I get from Aerohive. There is a high probability of receiving a fine if your company doesn’t comply,” says Stafford. “All credit card information is being kept completely separate from the WLAN.”

50. Customer Profile – Logistics
Problem/Requirement
Improve reliability of wireless network
Find solution that supports cloud-based, centralized management to improve ease-of-use
Achieve 100% wireless network uptime required of a global freight transportation and supply chain management provider
As a leading provider of freight transportation and supply chain management, and with 40 years in the industry, Averitt Express knows the value of dependability. Customers in the more than 100 countries it serves expect their goods to be delivered as promised, and Averitt enjoys a solid reputation for customer satisfaction.
Solution
“Aruba and Cisco offer a resolution to the redundancy problem by suggesting a backup controller for each location, but why would we spend extra money when we didn’t have to? Aerohive’s controller-less wireless architecture was the way to go—hands down..”
Angie Tellmann
Networking Services, Averitt Express
Upgraded from autonomous APs to a controller- less, centrally-managed wireless architecture
Deployed HiveManager Online, which lets companies grow their network without upfront capital costs beyond Aps
Utilizing Aerohive’s PPSK to secure wireless access
Results
Network uptime goal achieved, ensuring freight is delivered accurately and on time

51. Context-Based Visibility and Control
Application
Monitoring
Prioritization
Firewall
BYOD Policy
Restricted VLAN
Limit non-work apps
5Mbps per user
M-F 8am-9pm
Diff Serv or 802.1p
CORP Policy
Corp VLAN
Prioritize Work Apps
10Mbps per user
24HR Access
Real-time dashboards
Custom reporting
QoS level assigned to each application
Prioritization and policing
Block evasive and non-business applications
Apply rules per user profiles
GUEST Policy
Guest VLAN only
No Netflix or BitTorrent
1Mbps max per user
Restricted to 9-5 M-F