Are Application Priorities Getting Harder to Enforce?

By Dave Chen, Senior Product Marketing Manager
Share Post

This blog is the second in a series that explores how organizations can use Aruba’s Dynamic Segmentation solution. In the first blog, I explored how Dynamic Segmentation can simplify and secure and secure networks.

Wadi, the IT director at a regional bank, is commited to delivering a better experience for employees, making sure everyone has the applications and resources they need to work the way they want. But Chad, the marketing director, often complains that when he moves from Microsoft Teams on a wired conference room phone to a laptop at his desk, the call drops. He’s not the only one. Other people are complaining that video quality is bad or that the network is often sluggish.

Wadi knows the network has enough bandwidth, and he wants to find a better way to optimize bandwidth use to deliver a better user experience.

Simplify Application Prioritization
As business becomes increasingly digital, the campus network becomes more mission-critical and bandwidth-sensitive. More users, more devices and more applications means it’s harder than ever to meet user expectations. A growing number of cloud applications are changing the dynamics of traffic on campus networks and adding to the load.

These trends make service level agreements more difficult to maintain. In addition, many organizations need strong entitlements and policy controls integral to maintaining workplace security and regulatory compliance.

Traditionally, ensuring that a high-priority or real-time application like voice gets priority access to the bandwidth requires the IT team to set up a maze of configurations across both the wired and wireless networks. Skilled network admins must go deep to set up quality-of-service policies for voice and video to optimize roaming.

There’s a better, more modern way to ensure that users have a great experience, no matter where they are.

Use a Single Point of Enforcement
Aruba’s Dynamic Segmentation solution is a modern way to extend unified control over the wired and wireless access networks, simplifying the challenge of separating applications and thereby improving the user experience.

With Dynamic Segmentation, Aruba’s Policy Enforcement Firewall (PEF) technology establishes consistent segmentation of user and device traffic as it flows through the network. Policies and configurations that were once performed at different switches, access points and other elements on the campus network can be consolidated.

Dynamic Segmentation reduces manual touchpoints, while dramatically simplifying the network architecture. All traffic from a given user or device role is encapsulated in GRE tunnels, inspected and assigned the appropriate priority.

Additionally, PEF uses deep packet inspection to gain awareness into more than 3000 applications. Visibility into and control over Layer 7 applications allows IT to prioritize traffic by application as well as user and device roles. Corporate video, Microsoft Teams or sales transactions are given a higher priority over the network, while less important services, such as streaming media or visitor traffic, are delivered with best-effort.

How to Get Started with Dynamic Segmentation
Dynamic Segmentation can be used on traditional enterprise campuses and branch offices without disruption.

Most Aruba customers will have most of the building blocks of Dynamic Segmentation already. Aruba ClearPassis your single point of policy definition, enabling you to set role-based policies based on a broad variety of factors. Dynamic segmentation works across the ecosystem of Aruba APs, Mobility Controllers, and switches for the enterprise campus. The benefits of dynamic segmentation can be extended to branch offices as well.

Go Deeper
Read our other blogs about Dynamic Segmentation. 

Watch Dynamic Segmentation in action.