Aruba’s SD-Branch team recently completed independent testing with Miercom to provide solution validation along with verification of performance and security for SD-Branch and SD-WAN features.
The Miercom report concluded that that “the Aruba SD-Branch solution goes beyond traditional SD-WAN solutions by unifying LAN, WLAN and WAN with unique and impressive capabilities.” This was an excellent additional proof point: We have hundreds of customers and many with hundreds of sites, and now are proud to share this additional point of authentication.
Declaring SD-Branch as Miercom Performance Verified, Robert Smithers, Miercom’s CEO, presented us with a certification award and gave a short presentation at RSA Conference 2020 on February 26.
Receiving the Miercom Performance Verified Award
Key Aruba SD-WAN Features
Aruba’s SD-WAN solution includes a wide range of gateways (including virtual gateways for public clouds and automated deployment) ranging from 1 Gbps to 40 Gbps, all with L4-L7 firewall and URL filtering capabilities. These highly resilient gateways support active-active redundancy, meaning that WAN uplinks can be shared with one uplink connected to each gateway over which a virtual uplink is created.
In terms of installation and management, the Aruba Installer includes ZTP support and Aruba Central includes multi-tenant management with a single pane-of-glass to view control plane state, routing, tunnel management, and the ability to modify control plane policy. Central supports hierarchical configuration management, wherein you can push a single change instantaneously to hundreds of devices.
The SD-WAN solution monitors and forwards traffic based on unified, role-based application-centric policies that can be specified for over 3,200 applications based on users, entities and network domains. This support includes optimization of SaaS applications.
Aruba Advantages
The key advantages cited in Miercom’s report included the following:
- Single-pane, cloud-based management with Aruba Central
- Simplified deployment for the solution
- Sophisticated and seamless SD-WAN orchestration
- High performance (validating data sheet specifications)
- Role-based policies
- Cloud provider integration and
- Unified security
Report Coverage
The Miercom report includes sections on management, SD-WAN, SD-LAN and security. The management section walks through the install manager workflows, detailing our zero- and one-touch provisioning (ZTP and OTP) options using the Aruba Install Manager, as well as our auto-recovery features. ZTP and OTP automatically map configurations for every endpoint, which eliminates manual provisioning and makes deployment highly scalable for up to thousands of branches.
The SD-WAN section describes the usage and benefits of our tunnel and route orchestration, which automatically creates an overlay network between branch gateways and headends by building IPsec tunnels and dynamically exchanging routes throughout the overlay network. Miercom also verified our support for application-aware routing and dynamic path steering (DPS) with policy-based routing.
Application-aware routing determines traffic paths based on user roles, application categories, source/destination or fully qualified domain name (FQDN), while DPS allows application traffic to switch links based on SLA conditions that call for a better-performing uplink. Also featured in this section are virtual gateways, data center failover (which is typically on the order of 30 seconds to establish traffic on a new headend) and high availability options with active-active gateways.
Our SD-Branch features, notably dynamic segmentation, are detailed in the SD-LAN section of the Miercom report. This unique feature ensures simplified operations and an improved security posture by enforcing all the policies on the gateway. Gateway performance was also verified in this segment of the testing: the Aruba 7005 (our smallest model) ensures up to 1.3 Gbps of throughput.
In terms of security, we verified control plane policy, which is enforced by stateful firewalls on our gateways, as well as application-based security policies to identify and control traffic. Finally, our gateways enforce Zero Trust in the branch though integration with third-party solutions such as the Zscaler Security Cloud Platform.
Learn More
Please download the report and/or discuss it with your Aruba representative. The report contains extensive links to additional technical resources.
Aruba SD-WAN Technical Notes on Aruba Support Portal
Aruba SD-WAN and SD-Branch Online Help under Aruba Central
Aruba Networks Technical Guidance (including SD-WAN)
