Aruba APs Making Mesh

The dirty secret of wireless networking is no secret to anyone: wireless requires a lot of wires. Enterprise Wi-Fi, for example, may mean seamless roaming, but each of those many access points (APs) has to connect back to a controller via a wire. Until now. Aruba Networks is building mesh capabilities into its APs so they can extend a corporate or campus networks well beyond the length of the Ethernet cabling.

“Our mesh leverages all the benefits of centralized management, policy enforcement and security,” says Mike Tennefoss, head of strategic marketing at Aruba. Better yet, the mesh capability will be available for almost all of the Aruba APs (the exception being the early Aruba model 52, which dates back to 2003).

Tennefoss says an existing network installation using Aruba equipment can just drop in the APs as needed if a data cable isn’t available. At least one AP will have to connect directly to the controller to act as the mesh cluster’s gateway.

The software module update, called Secure Enterprise Mesh (SEM), will work on both indoor and outdoor Aruba APs. Because Aruba’s networks are centrally controlled, the SEM update can be pushed out over the network to APs. That way, even though the APs in question are connected via Ethernet to the controller, if the physical connection goes down, they can be switched over to mesh (however, that’s not an automatic response).

Tennefoss is quick to point out that this is not a mesh suitable for metropolitan/municipal deployments. Aruba’s focus is on the enterprise, be it carpeted, warehouse, or a vertical like healthcare. "As a consequence, we have higher requirements," he says. "There’s no 50 hops for a signal on our network -- it’s typically six hops, maximum."

SEM is also designed to fully support Payment Card Industry (PCI) Data Security Standards, the rules governing retailers' use of wireless to send credit card data. Unlike other systems with encryption keys distributed across all the APs, making the network vulnerable if just one AP is compromised, Tennefoss says, “We do client-to-controller encryption: there’s no keys in the APs themselves.”

The SEM software is in beta now, with an expected release date in July. The upgrade won’t be free -- it’s $795 per AP to turn it into a “mesh point.”

“The key is, they don’t need a separate mesh controller or hardware,” says Tennefoss. “It’s all the same Aruba management tools they’re using. From a logistical and maintenance perspective, it’s as easy as you can get.”