Aruba Wireless Review

Overall a good product that provides role-based authentication native to the controller, but has code stability issues

What is our primary use case?

We run a number of guest wireless networks with captive portals with layer 3 networks. We run .1x for corporate SSIDs or wireless networks for additional certificate-based and/or WPA2 security.

How has it helped my organization?

Aruba has a lot of features that work particularly well. One of the things that Aruba is trying to do in most of its product ranges to make sure that all of their products now have a fully functioning northbound set of APIs. That basically means that you can plug it into any kind of system that you have for some operational pieces. For example, if you want to have Tufin, but more in line with things like change management. We're a ServiceNow shop, so we use that for change management and orchestration.

The ability to use the APIs that are available in the Aruba Wi-Fi controller means that you can get information from the system very easily by using APIs, or you can push changes to it. So, if you want to lock administrators there and restrict the type of functions that people can do, you don't have to give them access to the systems anymore. 

This functionality has been useful for us because we have recently outsourced a lot of our lower operational tasks to an outside vendor. With that, obviously, other people need to access systems, but we don't always want to give them direct access to the system. So, we can provide them with APIs to be able to perform basic tasks without giving them access to our dashboard services.

What is most valuable?

Aruba is an industry leader. The hardware is on par, and its performance is also on par with anybody else. The Aruba brand really only focuses on wireless, so they're not competing their R&D for switching data center products and cloud security. They're really focused on that and their underlying key pieces. 

They provide a role-based authentication that is native to the controller. A lot of other systems don't do that. They won't provide you the ability to basically have everybody join the network, regardless of whether or not they share the same network space, the SSID, or the wireless LAN. You can segment it down to a specific user role based on any kind of attributes that you like. That's their differentiator. If you need per user, per device, or per port segmentation, you can get that with Aruba. There isn't another vendor who does it.

What needs improvement?

Currently, the stability of the code is the basic underlying problem for us. They had an 8.6 release that came out two weeks ago, but we had to migrate twice because the code wasn't stable. We can't get things to work the same way. Version 8 was a big change for them. They made a change so that it is forced to be a managed hierarchical system. It means that you make changes at the top, and it pushes them downstream. There are a lot of problems with the 8.6 version code. I ran into four bugs in one week and was informed that we should just move onto the next one because all of those fixes have taken place. The feedback loop for fixes is not always really relayed back to you.

I don't have a lot of strong things to say about version 8.6. When we had version 6, the controller was pretty much rock solid. We had no problems. We made a heavy investment to migrate a lot of stuff to take advantage of things like WPA3, Wi-Fi 6, and all that kind of stuff, and we haven't been able to turn those features on because we are not confident that they are going to work just yet. So, right now, we're still very much stumbling through the version 8.6 code and just trying to make sure that it is safe before we turn on some of those features. 

In terms of the marketplace, they are one of the top three leaders. In some respects, one of the things that they focus on is wireless. Therefore, there are some things that should be beyond reproach, as far as I'm concerned. In terms of the stability of the code, there are always going to be bugs, but the core stability of the code needs to be there. When it is not stable, that's a real problem for me because you lose a lot of confidence in the products.

For how long have I used the solution?

I have been working with Aruba Wireless for about four years now.

What do I think about the scalability of the solution?

It is pretty good. There are a lot fewer people in the office, obviously, because of COVID. Under normal situations, we were probably about 2,000 users a day. Between 40% to 50% of that would be corporate users with mobile devices, such as iPhones, as well as laptop users accessing corporate resources and the corporate LAN. We also have guest users.

They are really moving towards making it cloud-based and less attractive for you to use on-premises. There are still a number of limitations with the cloud. One of the reasons we don't use cloud controllers is that they're not able to support more than 250 access points per tenant instance. For example, you have two sites. One has 200 APs, and one has 300 APs. You could put one site in the cloud so that you wouldn't need to have on-premises wireless controllers. You could manage it all from the cloud instance, and you would have zero hardware and all that kind of stuff. 

However, you wouldn't be able to deploy the second site in the cloud because you can't put more than 250 APs. So, now you have got to go back to doing it the old-fashioned way, which is to have on-premises controllers or two management suites. You don't want to do that because the way this new code works is that it is hierarchical, meaning that you build your configuration centrally, and then you push it down to your access points or your local controllers. So, if you've got one management session in the cloud and one management session on-premises, you would have to manage them at two places.

I do understand that you can configure that local hardware. So, for the site that has 300 APs and a local controller, you could plug that controller into the cloud, but it is still for two different models. So, the companies that just want to have a very simplified setup or want to make it less complicated, they can just say that we're going to go cloud or just stay on-premises, but now you have to have a combination of both, or you just stay with on-premises. There are still some basic limitations preventing us from doing wireless deployments where controllers are based in the cloud.

How are customer service and technical support?

I use them a lot. Sometimes, I use them every day. They are pretty good. There is a problem in getting hold of people. That may be just because of COVID, but it is very much dependent on when you call and the type of issue that you have.

If it is a fairly standard issue, if you need assistance with a programming or configuration change, or if you need to know how to do something, you can normally get a very quick resolution. The meantime for resolution is pretty quick. It is within that call, half an hour, or one hour. You can generally speak to somebody. If it is some of the things that I have experienced or a bug, it can be very problematic. It could take days or weeks to get resolutions.

The basic stuff is really good. Anything past that, you probably need to have a dedicated support engineer on your camp if you're big enough, or you need to have resources that really know how to do the legwork beforehand.

Which solution did I use previously and why did I switch?

I worked for a company that had Cisco for many years. Actually, towards the end of that, I switched them from Cisco to Ruckus. I did a POC and a pilot between Ruckus and Aruba, and Ruckus came out on top because of its simplified approach to wireless networking. I have also used Meraki, which is Cisco's cloud-only based AP solution. 

Cisco is like the other de facto. A lot of shops are all Cisco. Their hardware is probably on par with Aruba in terms of processing and handling capabilities. Features are also probably the same. It is more like a Ford-GM question. If you were brought up in a Ford household, you are probably going to buy a Ford sort of thing. I don't think there is much to them, to be honest.

The differentiator for me is that Cisco has a product, which is its network access control system, called ISE or identity services engine. That's a terrible product. It really is an awful product. It is very cumbersome, and it makes adding network access control to your wireless and wired networks very problematic. Aruba's product is called ClearPass, and it is a very flexible tool and easy tool. It is a much more reliable tool. While it doesn't have all the features that you can use with Cisco, it is a standard network application system, which means it will work with any vendor for any system. So, you can do 90% to 95% of the stuff you want, and it is a much more stable and capable system. This difference and the price are differentiators for me. 

From a purely wireless perspective, I think that Aruba is number one. Cisco is a very close number two, and then Ruckus is actually a distant third. Ruckus doesn't have all of the advanced capabilities, but what it does, it does very well. If you want a very basic entry-level wireless that is cheap for K-12 schools or a lot of environments like that, you can use Ruckus. If you need some of the advanced stuff, then you're going to have to pick one of the other solutions.

How was the initial setup?

I would say it is straightforward. It is just that it is a backward way of doing it. They had a fundamental shift in the way you deploy configurations in version 6 to version 8. So, basically, you would do one way in version 6, and then they completely reversed it in version 8. When you come into the product for the first time, it is easy and fairly straightforward. It is an easy adoption process. If you have got lots of experience with the previous version of code, such as version 6, and then you move to version 8, it is very confusing.

What's my experience with pricing, setup cost, and licensing?

Aruba is probably cheaper than Cisco, and yet you get all the things that you want.

What other advice do I have?

I would recommend Aruba Wireless, but it depends on the size and the scope. If you are a large-scale enterprise, you are going to need to deploy something large. If you are a big university or something, you are going to have to pick one of the big three, which, in this case, is going to be Cisco, Aruba, or Juniper. Juniper's Mist is a recent addition that is hugely popular right now because of a lot of the stuff it does in the cloud. They are all cloud-based controllers, and they integrate machine learning into all of your analytics to give you data. 

I think that Aruba Wireless is a good product overall. They have some code issues with this change as most vendors do when they go through a major change. The product hardware is really good, and they have additional capabilities that Cisco doesn't have, like being able to do per-port tunneling so that you can keep isolation on. They are building features, and you could only make use of these if you extend out and use all the Aruba products like Aruba switches, Aruba ClearPass, etc. 

I've had a couple of conversations with them about the next release, which is actually pending. I don't think it is happening this year. It will happen next year. Version 10 is their next step of code, and it is geared more towards automating a lot of the setup. There are still a lot of manual tasks that you have to do. The automation piece has been something that has really garnered a lot of interest from the wireless community in terms of being able to set networks up. You can just buy access points and just throw them up, and once they're powered on, they communicate with zero-touch provisioning and all that kind of stuff. A lot of the automated processes are coming along, such as the ability to tie in cloud-based analytics to look at your reports, training, or data, like Juniper Mist is doing.

There will also be a change in the user interface. They have now brought in things like COVID tracking. It is not like they are adding features that the market wants. They will add the ability for you to be able to write things that you want to see so that you can basically do your own SDK, if you like, and more easily be able to tie that into what you're doing. I'm not sure whether they'll offer that within the version 10 code.

I would rate Aruba Wireless a seven out of ten. The negatives are the instability with the specific versions of code. These could be specific versions of code, but the newer features, such as WPA, WiFi 6, require some of the newer code. The newer code isn't really very stable yet. The high point would be that it is still an industry leader with on par hardware and performance like anybody else.

Which deployment model are you using for this solution?

**Disclosure: I am a real user, and this review is based on my own experience and opinions.
More Aruba Wireless reviews from users
...who work at a University
...who compared it with Cisco Wireless
Add a Comment