Hello and welcome back. My name is Tyler McMahon with Aruba. And this is our part to final video in our cloud basics webinar video series. So I really appreciate you guys going on this journey with me. We've got this final overview of some really amazing cloud applications applications that are going to be hosted either in the data center on premise. Or cloud based hybrid, whatever that allow us to centralize our services. And really provide that kind of sassy type of deployment that were strategy that we're achieving with the SP. So let's take a look at these cloud applications and it started. [MUSIC]. All right so taking a look first, let's look at Net Edit now. Net Edit is a command line tool for CFC switches from Aruba. So this has several panels that are available for you when you're doing your troubleshooting. And one of these is this topology tab which views all devices currently inventory to buy net edit. And there's a property panel, there's contextual information, there's health summary information. But these are actual X switches to aggregation switches that are stacked with the technology called BSX. And access their switch and you can see the associations between them so it is a great tool for troubleshooting really. It's primary purpose is to allow you to do change management in a very controlled and standardized way when you're doing deployments of configurations of multiple switches at one time. Effectively it allows you to do structured deployment on rails and even do some variable programming without needing to be a programmer. So a very, very useful tool that's primarily designed for CX switches and in this case they're just showing you example of the topology tab where you can check the configuration of those switches. Because you've used this tool, you can easily roll back changes as need be. So when troubleshooting, what NetEdit will do is it will while you're typing, fix the syntax of what you're typing when you go to validate or just deploy. It will automatically validate and this validation is client side. So it's very scalable and it leverages a lot of the features that are available only on the CX switch, which is primarily what we use it for almost exclusively for CX users. But it can tell you whether a particular configuration is not only going to break your switch, it could break connectivity, you can put in compliance checks. There's a number of cool features with this, this particular tool, Net Edit is a stand alone server. So normally it's installed as a virtual machine appliance and is not usually presented in the cloud. Given the amount of server resources I mentioned this in a previous video about putting something like clear pass or airwave into a virtual machine. And hosting it on AWS or something like that often wouldn't do that because the cost would quickly over overrun what the value would be. It would make much more sense to keep large appliances like this in your own servers on premise and then apply them in a hybrid deployment. So this is an example of a conformance test that you could create and just say, even though it's not breaking the configuration, it may break your company's policy to use, say SNP version two. And so you're always checking that you're doing version three or that you're using this list of the lands when you should be using this other list of internal violence. These are all conformance tests that can be checked or even checking reach ability to other services and servers. You can pipe that into our program that internet at it very easily. You can also create alerts that can trigger on specific circumstances. So because net edit is tied in using the rest API call to all of your sex, which is that you manage through that edit. It gets real time updates anytime somebody makes a change. So even though I could go to a switch and make the command line change completely outside of net edit. Now that it's going to immediately be aware of that change and therefore can alert administrators say like, hey Tyler went in and made this change. I don't know what he's doing. It breaks compliance. Do you want to roll it back, do you want to fix it? What do you want to do? So really cool tool to essentially script and manage your configurations on CX switches, but it's exclusively for CX switches and a little bit of troubleshooting here. Just showing some of the generated alerts that are there and you can follow up and see all the information where this conformance failed on some devices. Now, another tool that is very much cloud based is the UXI or User Experience Insight. And what you excite tool does is it helps you the administrator gain a user's perspective on what it's like to sit in that branch office or that home office or whatever and try and get online. Try and pull DCP address. Try and do DNS lookups. Try and access web services like office 365 from start to finish. What is the experience like if you were to drive out there and put your laptop on that person's desk and try and get connected. And what you literally do is put a sensor at that site, a cheap little on virtual or physical sensor and we'll see those in just a second that are very easy to stand up. And then those sensors tie in, dial up to the cloud and update the UXI cloud interface, this UI interface. So while this is not directly part of central, you have some similar metrics that central itself is gathering, just not to this degree because this is literally emulating a client device. And it's constantly checking your DCP, your DNS, your association on the wireless on the wired side. It's checking the experience as if it was a client minute to minute. So you're going to be aware of an issue as it happens and have a history of that issue. Good metrics before the person may even show up to work that day. Which is hugely valuable in root cause analytics and I mean you're solving tickets that the client hasn't even filed which is great. IT assistant and assurance best practices in a box. So the USI. Provides through testing troubleshooting and at a glance status and actual insights it makes it possible to find and focus on where the problems are and the save time and money. That's really true. It's not just your time as an administrator and IT person but it's the company. The biggest cost to these issues is not us working. It's the amount of downtime when the employees can't work. So why you might fix an issue that impacts your afternoon. That issue could have caused 1000 employees to be down for two hours and take their average salary times 2 hours and maybe 50% of the work 75% of their work is network dependent. That's a very real dollar value that you could recoup by simply the faster you can fix this or even solve problems before someone's even reported it. The user perspective insight for detecting troubleshooting problems in ways no other solution can provide without site visits. That's another big one back in the day. I one of my early enterprise jobs was to avoid these truck rolls at a major bank, a nationwide bank here in the United States and every truck that we saved. There was a dollar amount, several hundreds of dollars and this was 15 years ago. So if you can stop from rolling technician out to that site not only saving time by fixing the issue faster but you're saving on these vendor labor calls that have to be made had to be made. So yeah very powerful, very real time. But it's pretty simple in the sense that you are literally just putting a box that acts like a client machine that then feeds the stats all the time. So the USI sensors take on the role of an end user. And here's a little sensor sitting there as if you were sitting there and then they just automate this process of testing the network constantly. So it tests the authentication, it tests TCP, it tests DNS it tests accessibility of AP association times. It's checking thresholds to see if they're delayed or whatever else. Then if somebody does call up and says, hey I can't get connected at this bank branch, I think the Wi-Fi is down. You have solid metrics to say no, it's working. Did you turn on the radio, did you do that little switch on your laptop, is your laptop powered on? You're at this branch, that's not the right branch, I don't know whatever. It has this kind of halo effect of saying like yeah I know the side is good. The issue is probably the client side. So this is a way of instead of you trying to say like are you the only one having this issue, is anybody else experiencing this? You already know that the site is solid or not. And it checks the end end. So not just the layer one connectivity part, but the layer two and layer three authentication and ultimately getting your address and your DNS result in a timely manner. And then on top of that you can check for services like VoIP and web services to check Latency, Jitter, Packet Loss, Throughput overall. So it gives you an end-to-end perspective from the user to getting that user to the services that they need to do their job. The website that you would use is as I said, not part of central as of that I know of now, but it is a website that can notify you and tell you whether the performance is okay, if there's an issue or not and where that issue exists. And then alert you if there are issues that are discovered you can preemptively solve those issues. So the UXI sensor itself, there's the G-Series and the F-Series sensors and these are plugged in on the wired side as well as having radio components. The G-series includes LTE, so even if the site itself goes down you still got back into access to it, and then the F-Series and the licensing that's included with that. So you can deploy these sensors in multiple locations to help simplify customer experience and the UXI assurance solution helps validate the network health and troubleshoot problems that can affect your day to day. I would say if you just have a mobile user on a VA software client or a home user on a single wrap remote AP you probably wouldn't deploy this. But if you have a site with multiple APS, dozens of employees, a branch office or larger, these UXI boxes can be extremely valuable. The other nice thing about this is it's technically Vendor-Agnostic. So since these sensors act like a client, you can place them in any network even if you don't happen to have Aruba wireless or wired, you can still deploy this UXI sensor and it could report on any of these clients, just a client machines. So as long as my laptop is expected to connect to this Dlink network, then your excise sensors should be able to test the same. Okay, now looking over at Aruba ESP, this is our edge security service and it's basically our implementation of sassy. Being able to provide security at the edge where we're leveraging cloud based visibility and analytics and machine learning and all the rest of this. So there is this idea of Zero Trust which is a big part of ESP. And that would be your intrusion detection and prevention and the intrusion detection systems can work in conjunction pulling information off of these edge devices in some cases feeding it to the cloud or some central server or service that can then report on that. And then through the cloud we can analyze that information. Look for signatures, anomalies to be able to do better detection and prevention of attacks in our network. So things like protocol attacks, routing, buffer overflow attacks, malware, zombie denial of services, we could tie all those we would best be suited by being able to tie those all into something like central to be able to report on those, and just listening to some of those various attacks. Meridian, this is a platform that allows you to do the location within a building and what meridian really provides is an app. So while you can use the Bluetooth that's built into your access points from Aruba, they have Bluetooth low energy sensors in there. You can buy these little hockey pucks that are like six months, little battery cheap one or you can get one that last several years. And these allow you to place them into different parts of a building where you might be doing a conference or a hotel or a shopping center and airport something like that. Upload a floor plan map, say where the Bluetooth is. And then you could build into this app that you can make available to customers and employees or people visiting your facility or your event. And they could use self guided way finding, they could do blue dot I am here, I'm holding my phone, and the phone is being picked up by those blue two sensors so I know I'm on this floor. And then way finding would say this is the best route to get to my room or to get to the food court or to get to the conference. I can also do some asset tagging and there's some analytics and location engine that's separate from the Meridian platform that can be installed as a VM. So with the Meridian product here. This is again kind of a cloud based solution or a server based solution that could be used in order to provide this great feature at a particular location. Hopefully we'll be having more of these I think they announced air heads for 20 or excuse me, atmospheres for 2022. I think I signed up for that. It's a little before when this video came out, or after when this video came out. ClearPass, so I talked about ClearPass, this is a triple A server. It provides authentication, authorization, accounting. There's dozens of these out there but what ClearPass does as an Aruba product is it really simplifies a very powerful way of doing context based policy management. Like you are this person logging in on this device at this time of day in this location do allow you access or not or do I give you limited access or do we give you this but I blocked that. So you can create those policies in a fairly simple way with ClearPass and as a single server, it provides this huge amount of responses where the largest servers can handle tens of thousands of authentication requests per minute. So very, very fast, very powerful machine and you can cluster these together for redundancy but they are and can be very large servers. So again these servers are probably best suited for an on premise deployment rather than a cloud based one, but they do provide just a huge amount of features that go well beyond what like your built in Windows NPS service would provide. Including features like on boarding new devices, on guard to do text, this is network access control, you install this app on the fly as users connect to your network there and it checks to see if their computer is healthy or not through token validation and I as very, very rich self registration, sponsorship, social login registration through guest access here. Now if you're doing service guest access through ClearPass but through the cloud using central, then you can still use ClearPass to do your policy and central would tie into that. Whereas central might handle your guests if you just want guest access or just simple eight or 2.1X authentication. And then your device insight, device insight runs in the cloud. So we have a device insight analyzer that's a cloud based platform and it runs on an Aruba cloud platform, machine learning based classification, crowdsourced and custom fingerprinting and asset inventory and reporting. So we talked about user insight, user experience insight which is a sensor that acts like a client and tells you how great the connection is Device insight gives you insight into what kind of devices are connecting to your network. So this is a way of getting more information than just a Mac address of a mobile device that's connected. I don't know who it is or who it belongs to but I see the Mac address. Well what type of device is it? Is it a phone? Is it an Apple phone? Is it a laptop? Is it a tablet? Is a server, is it? What is it? Well, device insight takes crowdsource information where people have already identified that type of device based on its signature. Its Mac address and whatever else other information they can gather. And has told you that's a way, whatever phone from wherever you can quickly determine that. So this is great if you have a large campus with a lot of users that are constantly coming on and off the campus, like a hospital or a college campus or a high school. This will give you much better insight as to the types of devices that are connected. There are insight collectors that are hardware or virtualized appliances you can deploy. In order to in line grab this information and scan your network to actively. Or passively just gather what type of devices are there and are ultimately connecting. So yeah, very useful tool, very useful service to be able to collect and forward this information. And then not only in the cloud where this information is tagged and bagged and now you know what you're dealing with. It can then report that down to your on premise, clear past server and now clear paths can make policy decisions. To say yeah Tyler is logging in but he's on this Huawei device. And I don't know if I trust that Huawei device. So I'm going to give him limited access even though I fully authenticated, I have certificates, I'm in the green. Because of the device type, you can now apply an adjusted policy which is hugely valuable. So that's just kind of a quick overview of some of those cloud based tools. The basics course overall sadly we are at the end of but if you didn't watch the part one definitely go back and check that out. Where we looked at a variety of cloud products and technologies. We talked about Network management systems and Orchestration. And we dived into security, moving apps to the cloud. And we really looked at an example in part two of using Central and Aruba products. And what it means to to integrate cloud services. We use this term so ubiquitously that most people just don't know what you're really even talking about. And you can joke and say, well the cloud is just someone else's server where stuff is running. But in reality it's something that we're using almost all the time. Yeah, we've got these mobile devices but due to this expectation of connectivity. We're so used to having these services that you're kind of left behind as an organization. If you're not aware at least of what's out there. And partnering with a company like Aruba is a great way to jump in. Because you were able to lean on the products and services that they're engineers are constantly developing. And they really are at the forefront of what you can get at the consumer level now at the enterprise level. So what comes next? Well, if you'd like to really dive in and learn more, there is a good place to start. There is switching fundamentals. There's mobility fundamental courses that are available. We have a security fundamentals course which is very involved. And there's even a data center specialization course that I think is a three day course. Where you see x which is in your own on premise data center and what the building a network would be like in those instances there. So check out those associate level classes at arubanetworks.com/certification. And if you choose to find a field that sparks your interest and you pass the exam at the associate level. You can go on to the professional level where we do a much more deep dive. Five day long courses, pretty much teach you everything you ever want to know about it. So yeah, definitely check it out there is a mobility essentials that is coming soon. Actually I think that is already out and in the meantime check out Airheads check out our Aruba's search on Aruba's website. Airheads is free to join asc website. There's a tax support and there's upcoming events. There's been events online all the time. So hopefully you'll find more of these available to you and hopefully I'll be in another one that you catch in the future. So I just want to say thank you very much for your time. My name is Ben Tyler McMinn. I look Forward to seeing you in the next one. Thanks again.
