Meraki vs. Aerohive Wireless Solution Comparison

vs Meraki vs. Aerohive Wireless Solution Comparison Simplified management • Intuitive, accessible interface can be configured in minutes without onsit...
19 downloads 447 Views 2MB Size
Download PDF
Love PNG Images
Meraki vs. Aerohive Wireless Solution Comparison

vs

Why Meraki wireless? Simplified management • Intuitive, accessible interface can be configured in minutes without onsite IT staff • Centrally manage thousands of devices across hundreds of networks and locations

Deep visibility and control • Network-wide management and troubleshooting across wireless and wired infrastructure • Quickly find devices with real-time search and perform diagnostics with live tools • Create application-specific policies with Layer 7 traffic shaping and apply by device type or user group

Integrated mobile device management • 100% free device management solution for iOS, Android, Mac, and PC devices with Systems Manager • Deploy security policies and device restrictions, deploy apps, and monitor inventory • No on-premise server required; Systems Manager is entirely cloud-based

System Capabilities

Application Visibility & Control Intuitive, Multi-Site Management

User & Device Management

Integrated MDM

Security & WIPS

End-to-End Visibility

2

MERAKI

AEROHIVE

Meraki provides rich layer 7 application visibility and control, with a full heuristics- driven engine for classification (e.g., Skype, BitTorrent, web traffic) and shaping. Prioritize and/or throttle specific applications or application type.

No layer 7 traffic shaping. No Layer 7 firewall. No application visibility.

Deploy multiple sites rapidly by copying settings from one network to another. Improve search ability among hundreds of networks with network tagging. Firmware updates are delivered seamlessly from the cloud to all devices, regardless of location. Manage and troubleshoot all sites from a single web-based interface.

Aerohive has a cumbersome interface that is difficult to configure, and doesn’t intuitively identify which APs are deployed at which wireless sites. No real-time search or network tagging is available. Firmware updates must be downloaded and rolled out to every AP.

Centrally manage thousands of devices with Meraki’s dashboard, which provides full client, device, and OS visibility. Assign group policies to individual or groups of devices, SSIDs, or even by device type based on preferences. Integrates with Active Directory and RADIUS/8021.X for user authentication and policy deployment. Examples of policy attributes include VLANs, firewall rules, layer 7 application blocking and/or throttling, and splash pages.

While central management of devices is supported, Aerohive does not provide complete OS visibility and cannot automatically assign group policies by device type (i.e., iPad vs. Windows 7, etc.). Integrates with Active Directory and RADIUS/802.1X for user authentication and policy deployment.

Meraki provides Systems Manager, a free mobile device management (MDM) solution that integrates seamlessly into the dashboard. Supports thousands of iOS, Android, Windows, and Mac devices. Systems Manager requires no hardware or software appliance to operate.

No integrated MDM solution. Aerohive partners with JAMF to deliver Apple-only MDM that non-educational customers must pay for. JAMF requires a dedicated, on-premise server.

Meraki’s APs include stateful firewalls, teleworker VPN, full-time intrusion scanning (Air Marshal), Network Access Control, adult content filtering, and WPA2-Enterprise/802.1X integration. Additionally, Meraki APs come with a built-in PCI compliance wizard and remediation tool. Secure dashboard access with password restrictions and two-factor authentication via SMS.

No built-in Network Access Control/anti-virus protection or adult content filtering. No PCI compliance tool. No ability to login to Hive Manager using two-factor authentication. Aerohive APs do include stateful firewalls, VPN, intrusion scanning, and WPA2- Enterprise/802.1X integration.

Deep visibility into the wired and wireless portions of your network is fully integrated. Get the same deep control over all your Meraki devices – APs, switches, and security appliances – through a single pane of glass accessible from anywhere.

No end-to-end visibility, as Aerohive lacks dedicated switch and security appliance product lines and MDM is via a 3rd party.

Meraki, Inc. | 660 Alabama St, San Francisco, CA 94110 | (415) 432-1000 | [email protected]

A Close-up on Manageability Meraki’s intuitive cloud-based solution reduces complexity, accelerates troubleshooting, and eases the IT burden of managing employee and guest-owned devices connecting to the LAN.

View application usage statistics filtered by time period or SSID.

Simplicity Meraki MR access points are managed via a secure, cloud-based dashboard that is designed from the ground up for ease of management and configurability. New APs can be deployed in minutes with zero-touch provisioning, without the need for training or dedicated onsite staff. It only takes two clicks to create a secure guest network that is isolated from the core LAN. Firmware updates are seamlessly provided through the cloud.

Efficiency Whether you manage ten Meraki APs or ten thousand, finding and troubleshooting devices is easy. Integration with Google Maps helps you keep track of where devices are located and provides health status at a glance. Instantly find individual or group devices by type, OS, IP, MAC, name, and more using Googlelike search. Live tools integrated into the dashboard provide diagnostics on APs and connected clients, with real-time vital statistics.

Drill into APs to view configuration, perform diagnostics, and see connected devices.

Control Meraki-proprietary Layer 7 device fingerprinting and traffic shaping deliver an unparalleled level of control and versatility over devices, applications, and users accessing your network. Maintain security and compliance via access policies that can be flexibly deployed to single devices, groups of devices, or SSID-wide. Every Meraki AP supports up to 15 different SSIDs, allowing creation of isolated, secure networks for devices and users.

3

Convenient floor plan view provides live health status of network devices.

Meraki, Inc. | 660 Alabama St, San Francisco, CA 94110 | (415) 432-1000 | [email protected]

Controlling traffic on your network MERAKI VS. AEROHIVE SIDE-BY-SIDE COMPARISON:

Devices not officially managed or sanctioned by IT staff pose security and bandwidth concerns when they attempt to use network resources. For example, how would you prioritize VoIP traffic across specific devices (e.g., iPhones) on your WLAN?

Meraki Dashboard 1.

Go the Group Policies page and create a layer 7 traffic shaping rule for VoIP traffic. We’ve selected all VoIP & video conferencing traffic, but you could choose among specific applications. Now grant VoIP unlimited bandwidth; conversely, if the goal is to throttle consumption, do so using the slider bar. VoIP traffic will be shaped regardless of bandwidth utilization, but QoS tags can also be specified in the event of network saturation. Layer 7 traffic shaping is included with all Meraki wireless APs at no additional charge.

2. Next, simply enable the dashboard to assign group policies by device type. Using Merakiproprietary layer 7 device fingerprinting, the types of devices (e.g., iPad, Windows XP, Android, etc.) connecting to your wireless LAN are automatically classified.

3. Finally, select the type of device to which to automatically apply the group policy, and select that group policy from the dropdown list. Now, whenever an iPhone connects to your network, its VoIP consumption will be prioritized. No agent installation or configuration is necessary on the client for this policy to apply — it simply works.

4

Meraki, Inc. | 660 Alabama St, San Francisco, CA 94110 | (415) 432-1000 | [email protected]

Aerohive Hive Manager

1.

In Hive Manager’s Network Configuration page, choose to create a new policy, and give the policy a name (we chose “iPhone-VoIP-Priority”). Next, choose which SSID the policy will apply to. Ensure that the “Enable WMM” box is checked in the SSID’s optional settings.

2. Now create a QoS Classifier map for the network policy. Select the VoIP network services to assign QoS settings to in the Classifier map (in this example, level 6 voice). Also enable DiffServ QoS mapping, in case your desired VoIP traffic is not available from the list of services. To set QoS for outgoing traffic, create a new Marker map. Note that these QoS controls will only be in effect should bandwidth utilization reach saturation.

3. Next, create a new User Profile to assign the network policy to. In the QoS settings sub-menu, create a new Rate Control & Queuing Policy. Name this new rate control policy and choose what limits to apply to all voice traffic. Note that weighted round robin settings define forwarding priority, with traffic labeled as “Strict” immediately forwarded — and thus prioritized.

4. Finally, select the “Client Classification Policy” sub-menu and check the “Enable user profile reassignment based on client classification rules” check box to ensure that this policy is applied to specific types of devices — in this case, iPhones. Select “iPhone” from the “OS Object” pull-down menu.

5

Meraki, Inc. | 660 Alabama St, San Francisco, CA 94110 | (415) 432-1000 | [email protected]

Meraki’s Layer 7 application and device visibility provide deep contextual insight into to client-specific usage.

Out-of-the-box BYOD control

• Integrated layer 7 device fingerprinting classifies all devices connecting to your network, and allows you to automatically apply group policies by device type • Google-like search immediately finds clients by several variables, including OS and manufacturer • Real-time vital statics displayed for each client • Drill down into individual devices to get specifics on bandwidth consumption • Layer 7 traffic shaping and firewall rules easily allow specific applications like Facebook or BitTorrent to be throttled or blocked

Licensing & Support Meraki

Aerohive

Meraki wireless includes all features in a single license, and 24x7 tech support is included at no additional charge. Licenses are available in 1, 3, 5, 7, and 10 year terms.

Aerohive licenses are available in 1, 3, and 5 year terms. Support is not included, and available either 8x5 or 24x7 for an additional charge per AP.



6

Meraki, Inc. | 660 Alabama St, San Francisco, CA 94110 | (415) 432-1000 | [email protected]

Thousands of Satisfied Customers

Common Questions How are firmware and dashboard updates handled?

How reliable is the cloud?

When new device firmware is available, customers receive notification emails and dashboard alerts. To proceed with updates, customers simply schedule delivery in the dashboard — or they can delay or opt out of upgrades completely. Wireless mesh configurations require no additional oversight for successful updates. New features are automatically integrated into the Meraki dashboard at regular intervals.

Meraki’s cloud provides a 99.99% guaranteed uptime SLA. Our services are co-located in tier-1, SSAE16 certified datacenters – replicated across the world for redundancy. See meraki.com/trust for more details.

What if the connection to the cloud goes down? The LAN still functions; clients can still roam between APs and access local resources such as printers and servers. Firewall and traffic-shaping policies are still enforced. Wireless mesh routing still works. The Meraki dashboard and the ability to make configuration changes are temporarily unavailable.

How large can Meraki technology scale? Meraki is deployed in the largest cloud networking deployment, supporting over 10,000 devices across more than 600 Motel 6 locations. Supporting new branch locations is easy with selfprovisioning APs, the ability to quickly copy settings from one network to another, network tagging, and the ability to manage all of devices from a single pane-of-glass.

Free evaluations available at meraki.com/eval

7

Meraki, Inc. | 660 Alabama St, San Francisco, CA 94110 | (415) 432-1000 | [email protected]