Wireless Infrastructure

12:43 PM
Lee Badman
Lee Badman
Commentary
Connect Directly
Twitter
LinkedIn
RSS
E-Mail
50%
50%
Repost This

How To Control Applications On Aerohive WLANs

Aerohive includes application visibility and control features that let you identify and set policy around popular applications crossing your wireless network. Here’s how to set it up.

The modern WLAN system is so much more than just a client access framework. It also offers a slew of security and performance-enhancing features that can increase the value of your wireless network. In this piece, I'll walk through how to use Application Visibility and Control (AVC) feature on an Aerohive wireless network.

AVC delivers information on client behavior that used to only be available from a mega-analyzer tool in the network core. AVC reports on applications in use across the WLAN, and lets administrators set policies to restrict or prioritize particular applications. This means you can ensure that business apps don't get crushed on the WLAN by users indulging in Hulu and YouTube.

Some vendors, such as Cisco, tack on licensing requirements for AVC capabilities, while others include the feature in the overall price. AVC is included with Aerohive's HiveManager. I run a small Aerohive network, so I was very pleased to see AVC show up as part of an update to my online HiveManager account.

It's up to you to enable and define how you want AVC to work for your environment, which I'll cover how to do here.

This walk-through assumes that you have an Aerohive WLAN and starts with a wireless network already in service. I'll show you how to see and report on applications running on your network and how to find the right fields to create usage policies.

The configuration process isn't exactly intuitive, but it's worth the trouble. I've used this capability for a couple of months now, and I can't imagine doing without AVC.

You'll need to log into your HiveManager account and ensure you're running the 6.0r2a or higher version of the code. If you have older code, just open a support ticket. Aerohive tends to be fast on the support turnaround.

After login, go to Dashboard>Applications, where I'll start the AVC configuration process. Note that before you begin, there is nothing shown in the Application window; it's up to you to shape the magic first. After you do, the page gets exciting.

AVC configuration starts with the definition of an Application Watchlist, which you'll find under Reports> Report Settings. The Watchlist is made up of as many as 30 applications to which you can apply policies. Building the list is as simple as moving applications from the left table to the right.

The applications come from a library on HiveManager, which is sourced from a third party. The list is occasionally updated during regular HiveManager updates. Because Aerohive is working from a third-party list, there are likely to be applications within your organization that won't be recognized.


(click image for larger view)
application watch list

After you define your Watchlist (and you can edit it later), hit the Update button at top of screen. At this point, you have applications of interest defined, but not pushed to your access points yet. (Remember, with Aerohive, there is no controller.)

To get the Watchlist pushed to your Aerohive APs, navigate to Configuration>Devices>Aerohive APs. You'll see the "angry red exclamation point" icon indicating a config change needs to be pushed to the APs to make them current. Select the APs that you want to participate in AVC, and then hit Update. This will bring you to a drop-down menu.

Here, you might be tempted to select "Upload and activate application signatures," but this is a point of confusion; the option you need is "Upload and activate configuration." The application signatures option applies to signature updates from Aerohive as it periodically updates its library.


(click image for larger view)
upload activate configuration

Remember, with Aerohive APs, almost any configuration change requires an access point reboot before it is complete, so make these sorts of changes during an outage window. The reboot requirement is one of the few aspects of Aerohive's operations that I wish was different.

Next page: The Payoff

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
More Blogs from Commentary
Infrastructure Challenge: Build Your Community
Network Computing provides the platform; help us make it your community.
Edge Devices Are The Brains Of The Network
In any type of network, the edge is where all the action takes place. Think of the edge as the brains of the network, while the core is just the dumb muscle.
SDN: Waiting For The Trickle-Down Effect
Like server virtualization and 10 Gigabit Ethernet, SDN will eventually become a technology that small and midsized enterprises can use. But it's going to require some new packaging.
IT Certification Exam Success In 4 Steps
There are no shortcuts to obtaining passing scores, but focusing on key fundamentals of proper study and preparation will help you master the art of certification.
VMware's VSAN Benchmarks: Under The Hood
VMware touted flashy numbers in recently published performance benchmarks, but a closer examination of its VSAN testing shows why customers shouldn't expect the same results with their real-world applications.
Hot Topics
White Papers
Register for Network Computing Newsletters
Cartoon
Current Issue
Video
Slideshows
Twitter Feed