Aruba Central

AI-Powered, Cloud-Managed Networking for Branch, Campus, Remote, and Data Center Networks

Aruba Central is a powerful cloud-managed networking solution that offers unmatched simplicity for today's IT operations. As the management and orchestration console for Aruba ESP (Edge Services Platform), Aruba Central provides a single point of control to oversee every aspect of wired and wireless LANs, WANs, and VPNs across campus, branch, remote, and data center locations. AI-powered analytics, end-to-end orchestration and automation, and advanced security features are built natively into the solution. Live upgrades, robust reporting, and live chat support are also included, bringing more efficiency to day-to-day maintenance activities. Built on a cloud-native, microservices architecture, Aruba Central delivers on enterprise requirements for scale and resiliency and is also driven by intuitive workflows and dashboards that make it a perfect fit for SMBs with limited IT personnel. The solution is also now integrated with HPE GreenLake, providing a consistent operating model and single platform for IT executives to view and manage their compute, storage, and networking infrastructure for unmatched efficiency and improved cost controls.

Key Features

• Unified management of wireless, wired, VPN, and SD-WAN for simplified operations
• AI-based insights for faster troubleshooting and continuous network optimization
• Integration with Aruba UXI to proactively monitor and improve the end-user experience
• Intent-based policy engine and access controls to strengthen and simplify security at scale
• Inline client profiling and telemetry to close visibility gaps associated with IoT
• Powerful monitoring and troubleshooting for remote or home office networks
• APIs and webhooks to augment the value of other leading IT platforms in your environment
• Live Chat and an AI-based search engine for an enhanced support experience
• SaaS, on-premises, and managed service options for flexible consumption and financing

Streamlined Network Operations

Aruba Central eliminates the inefficiency of using disjointed, domain-specific network management tools. It begins with a network health summary dashboard that provides quick insights to analyze and improve the network-whether it be the wired or wireless LAN, or performance across the WAN.

From this single dashboard, IT operators can readily assess the state of the network with views into global and site-level details. Selecting a site changes the interface to only show network devices and connected clients specific to that location. This way, IT operators can swiftly identify potential problems, as well as zero-in on specific locations that require their immediate attention.

Simplified Onboarding and Provisioning

Onboarding, configuring, and provisioning network devices is a key activity in any environment, but can be time-consuming and complex. Aruba Central accelerates this process with an easy setup wizard, flexible configuration options, and zero touch provisioning, further aided by an intuitive mobile installer app

Guided Setup Wizard

The setup wizard automatically adds account subscriptions, synchronizes device inventory from orders, and assigns purchased licenses to devices. This saves time, improves accuracy, and makes it easier to onboard devices into your environment.

Flexible Config Options

To simplify device configurations, Aruba Central uses templates and a UI option that features guided, step-by-step workflows. For devices with common configuration requirements, network admins can use groups to instantly apply or modify settings across large sets of devices.

Additional options are available for Aruba CX switches, including pre-built express configs that enable network-wide changes with only a few prompt-driven inputs. A multi-editor is also available for more advanced configurations. Both options offer built-in device validation, giving network admins the ability to rapidly stage, test, and roll-out changes while ensuring common criteria and existing policies are met.

Zero Touch Provisioning

Zero touch provisioning provides a simple, intuitive workflow for setting up APs, switches, and gateways - no onsite IT involvement required. Configuration parameters can be defined within Aruba Central based on network- or site-specific requirements. To get started, simply plug in and power on a device. As the device boots up, it connects to Aruba Central and automatically receives its running configuration from the cloud.

Mobile Installer App

The mobile installer app allows you to delegate the installation and deployment of devices to trusted resources or third-party service providers. The app lets you define the access privileges of each IT resource and track the onboarding process as devices are scanned and added to the assigned network. The zero touch provisioning process is then used, and the status of each device is instantly updated in the Aruba Central installer dashboard.

Supported network devices

Aruba Central provides management for a wide range of Aruba wireless APs, switches, and gateways (formerly known as controllers). For wireless networks, Aruba Central supports deployments both with and without gateways.

AI-Powered Monitoring and Troubleshooting

When a network- or business-impacting problem occurs, quick detection, root cause identification, and resolution are at the core of maintaining a stable environment. Aruba Central enables 24x7, intelligent monitoring of networks, applications, client devices, and end-user experience, all correlated into powerful visualizations and dashboards.

AIOps for Wireless, Wired, And WAN

Aruba Central includes a full-service AIOps solution that automates common troubleshooting activities, reducing IT support tickets and associated costs. Aruba's AIOps solution is based on machine learning models that are consistently trained with network performance data collected from tens of thousands of Aruba customers across every vertical, market segment, and network type.

Core components of the AIOps solution include:

• Network Insights: Automatically surface and diagnose an array of common network-impacting issues by using dynamic, per-site baselines that are continuously tuned as conditions change - no manual setup or adjustment of service level thresholds required. Built-in anomaly detection highlights the severity and impact of issues as they occur, helping IT pinpoint root cause and proper remediation steps with 95% accuracy.
• AI Search: A natural language processing (NLP) engine of the Aruba Central data lake that points to solution guides, troubleshooting tips, and more. Whether operators are looking for best practices on device configurations or need to isolate a problem impacting a specific user, AI Search provides fast, interactive responses that simplify Day 0 to Day 2 operations.
• AI Assist: Uses event-driven automation to collect diagnostics for critical failure signatures, making it available to Aruba TAC for proactive customer support and replacement workflows.

Eliminating manual troubleshooting can help solve issues up to 90% faster. Customers can also tap into anonymized peer benchmarks that offer optimal configuration settings based on performance levels at sites with similar network characteristics - in some cases improving capacity by up to 25%.

Lastly, self-healing workflows can be enabled to automatically update configurations as needed, helping IT fix issues without manual intervention.

AI-powered Firmware Recommendation

Eliminates the overhead of manually tracking firmware upgrades and reduces the risk of non-compliance with proactive, AI-powered firmware recommendations for APs. ML models are used to dynamically assess software per AP model, TAC cases opened per version, age, compatibility, and other information to offer a recommended firmware version, along with a summarized report of the number of devices receiving the upgrade.

Additional Monitoring Capabilities

Detailed health and analytics dashboards are also available to monitor:

• Network health and assurance: Gain broad visibility into network-wide performance, and drill-in to specific sites with summaries of device utilization, configuration compliance, and other statistics.
• Application visibility: Monitor application health across the network, ensuring critical services receive priority traffic while tracking and enforcing acceptable usage by site, device, or location.
• UCC analytics: A consolidated view of how VoIP applications are performing with mean opinion scores (MOS) and insights into potential RF performance and capacity issues.
• Client health: Delivers a multitude of details on devices connected to the network, including insights into client performance, connectivity status, physical location, and the data path.
• AI-based connectivity insights: Automatically identify potential Wi-Fi connectivity issues tied to DHCP, DNS, authentication failures, and more.

For wired networks, IT operators gain visibility into the health and utilization of both individual and stacked switches. This includes port status, PoE consumption, VLAN assignments, device and neighbor connections, power status, and more-with built-in alerts and events that accelerate wired network troubleshooting.

Built-in Troubleshooting Tools

Troubleshooting capabilities include live events, packet capture, logs, and rich command line tools. Diagnostic checks such as ping tests and traceroutes are also available, as are device-level performance tests for Aruba infrastructure.

User Experience Insight Integration

Aruba User Experience Insight (UXI) completes IT's understanding of application and network health by measuring it from the perspective of end users. UXI sensors deliver continuous monitoring and testing of wireless, wired, and WAN performance, reporting any anomalies directly to the Aruba Central network health dashboard. When a problem is detected, IT can quickly identify systemic or intermittent issues in any location, then access the full UXI dashboard for advanced troubleshooting.

Wireless- Optimization Techniques

Cloud, IoT, and newer applications such as 8K video streaming and AR/VR are flooding Wi-Fi networks. Combined with poor building conditions that can interfere with client connectivity, these bandwidth-intensive applications can have a crippling effect on network performance and end-user experience.

Aruba Central orchestrates a number of unique AI-powered capabilities that keep Wi-Fi networks performing at peak levels.

Deliver SLA-Grade Application QoS

Guarantee performance and optimize user experience with Air Slice. By dynamically allocating radio resources such as time, frequency, and spatial streams, Air Slice helps guarantee performance for latency-sensitive, high-bandwidth applications such as AR/VR, Zoom, and Slack as well as IoT devices.

Automate RF Management

Improve wireless capacity and coverage controls with AirMatch. By utilizing AI and machine learning, AirMatch analyzes periodic RF data across the network to derive configuration changes for every deployed Aruba AP, which receive dynamic updates based on changing environmental conditions.

Optimize Client Connectivity

Enhance traditional radio and roaming techniques with ClientMatch, a patented RF optimization technology that continually enhances connectivity for Wi-Fi 6 and Wi-Fi 5 clients and eliminates sticky client issues.

Eliminate Indoor Cellular Gaps

Enable seamless handoffs between cellular and Wi-Fi with Air Pass*. Using pre-negotiated agreements with major mobile network operators and the Wi-Fi certified Passpoint® standard, Air Pass eliminates the need for captive portals, usernames, and passwords to deliver a great experience for your guests while reducing costs and management overhead of DAS.

Notes: Air Pass is currently available in the U.S. only.

Optimize Wi-Fi Planning and Monitoring

Optimize the process of Wi-Fi design, implementation, and real-time monitoring with intuitive floorplans. Floorplans on Central display accurate coverage patterns without the use of dedicated RF sensors or additional appliances. Site survey and plan files can also be directly imported from third-party Wi-Fi design solutions such as Ekahau, for real-time monitoring of infrastructure devices, clients, and anomalies.

Automate Security at Scale From Edge To Cloud

Hybrid workplace initiatives, IoT, and edge computing are increasing network complexity. Meanwhile, new security exploits crop up every day. As a result, manual configuration of static VLANs, ACLs, and subnets at every network hop is no longer practical or scalable for protecting today's distributed enterprise. To overcome the shortcoming with traditional perimeter-based approaches, organizations are increasingly adopting new, sophisticated security models such as Zero Trust and SASE. A fundamental concept of both Zero Trust and SASE security frameworks is identity based access control that grants least-privilege access for a device or user, restricting them from accessing resources not required to complete their tasks..

To streamline the adoption of identity-based access and simplify IT operations, Aruba Central NetConductor delivers advanced, cloud-native configuration, management, and security services, including intent-based policy automation and orchestration, intuitive network access and authentication controls, and AI-based discovery and profiling of all connected clients.

AI-based Client Profiling

To close visibility gaps often associated with mobile and IoT devices, Aruba Central offers ML-based classification of all clients. This capability, known as Client Insights, uses dynamic comparisons against crowdsourced fingerprints of known clients and MAC range classification in the likely event that unknown devices are connected to your network.

Through this service, Aruba Central automatically categorizes all devices running on any wired or wireless network, using deep packet inspection to provide additional context and behavioral information that help ensure devices are receiving proper policy enforcement. Once identified, device behavior is constantly monitored for change, ensuring an up-to-date view of what is on the network at all times.

User and Device Authentication

Cloud-native NAC provided by Cloud Auth further simplifies how IT controls network access while providing a frictionless experience for end users who need connectivity to wired and wireless networks managed by Aruba Central. IT admins can upload allowed client MAC addresses to Central or authenticate users via integrations with common cloud identity stores such as Google Workspace or Azure Active Directory to automatically assign the right level of network access. Client devices can also be onboarded seamlessly using an application that supports macOS, Windows, iOS, and Android operating systems.

Within the associated monitoring dashboard in Central, administrators have visibility into traffic patterns, access requests, connected sessions, and more, helping IT continuously refine and strengthen security postures.

Global Policy Automation and Orchestration

The Central NetConductor policy manager empowers IT to define and maintain global policies at scale with ease, using UI-driven, intuitive workflows that automatically translate security intent into policy design and map user roles for employees, contractors, guests, and devices to their proper access privileges.

Flexible Technology Eases Migration

Central NetConductor uses widely adopted protocols such as EVPN/VXLAN to produce the intelligent network overlay. As a result, the overlay can be quickly deployed across heterogeneous networks across all domains, from remote and branch locations to campuses and global enterprises, giving you the benefit of cloud-native visibility, authentication, and security services with flexibility and freedom of choice to modernize your network at your pace - no technical disruptions or costly rip and replace of infrastructure required.

To learn more, contact your Aruba sales representative or please refer to the Central NetConductor solution page.

Secure Wireless Segmentation

For venues such as malls or airports that require multi-tenancy operations, MultiZone enables secure SSID separation without needing to deploy additional access points. A key use case of MultiZone is keeping IoT devices - which aren't very secure - separate from other enterprise traffic without incurring the expense or complexity of deploying and managing another wireless network.

Intrusion Detection

Aruba Central utilizes Aruba's Rogue AP Intrusion Detection Service (RAPIDS) to identify and resolve issues caused by rogue APs and clients. Wired and wireless data is automatically correlated to identify potential threats, strengthening network security, and improving incident response processes by reducing false positives.

Web Content Filtering

Web Content Classification (WebCC) classifies websites by content category and rates them by reputation and risk score, enabling IT to block malicious sites to help prevent phishing, DDoS, botnets, and other common attacks.

SD-Branch Orchestration

Connecting branches and other remote locations using legacy WAN solutions is costly and complex. Aruba EdgeConnect SD-Branch can help simplify WAN management while enhancing user experiences. As the cloud-based management console for Aruba EdgeConnect SD-Branch, Aruba Central empowers IT to centrally manage virtual, headend, and branch gateways and route traffic over MPLS, broadband, and cellular links.

Aruba Central also provides:

• Integrated topology views for graphical representation of gateways and details per site.
• Monitoring of WAN circuit health, bandwidth availability, and tunnel status for each site.
• Quality of experience (QoE) scores for SaaS apps with drill-downs for root cause analysis.
• WAN orchestration for managing routing preferences across branches and data centers.
• Virtual gateway management to directly extend policies to gateways hosted in public clouds.
• Streamlined management of integrations with AWS Transit Gateway Network Manager and Microsoft Azure Virtual WAN.
• An advanced security dashboard with IDS/IPS, threat intelligence data, and correlation with incident management capabilities.

Please refer to the Aruba EdgeConnect SD-Branch data sheet for more.

Remote Work Capabilities

Aruba Central enables IT to easily scale, monitor, and secure the network infrastructure required to support thousands of remote users who need access to corporate applications and services - no taxing, manual setup required. Options include deploying the Aruba EdgeConnect Microbranch solution with any Aruba access point to provide an on-campus connectivity, support, and security experience to small offices, home offices, or ad-hoc locations without the requirement of an on-premises gateway, or using plug-and play Virtual Intranet Access (VIA) VPN clients that connect to Aruba Gateways deployed in data centers or public cloud infrastructure to support workers on the go.Once workers are connected, IT can centrally monitor and troubleshoot user-impacting problems, including employees who are connected to the VPN. Insights include the client data path, bandwidth consumption, and VPN tunnel health. Proactive notification of issues helps IT debug issues faster by pinpointing the exact cause of bottlenecks, thereby reducing help desk calls, and minimizing user interruptions. With the Aruba EdgeConnect Microbranch functionality in AOS 10, IT also gains WAN orchestration and policy-based routing capabilities, as well as integration with cloud security solutions from providers such as Zscaler. IT is also able to rapidly root-cause poor experience issues with the WAN transport health dashboard. The microbranch architecture dramatically simplifies how IT manages connectivity for the hybrid workforce - delivering enhanced performance, reliability, and security to remote locations with minimal overhead.

Extend Operations to IoT

Aruba Central simplifies IoT operations with an integrated dashboard and app store. The dashboard extends network monitoring and insights to BLE and Zigbee devices connected to Aruba access points running AOS 10, helping converge IT and IoT onto the same network. The integrated app store reduces the complexity of deploying new IoT services, which often require specialized components and skills. With Aruba Central, customers can seamlessly download and deploy best-of-breed apps from leading IoT partners in a couple of clicks.

Reporting and Maintenance

Robust Reporting

Aruba Central provides premium-grade reporting features that are included as part of the base license subscriptions. Reports cover device connectivity, network health, capacity planning, and the ability to baseline and compare user experience across various sites in the network. A reporting wizard is also provided to generate scheduled and on-demand reports that highlight network and application health, throughput and usage data, device and client inventory, activity auditing, and much more.

Live Upgrades

Upgrading firmware on network devices often results in downtime or loss of service. In such cases, IT organizations often rely on time-consuming, CLI-based processes, or must place calls to customer support to help initiate upgrades. Aruba Central offers a radically simplistic approach with a GUI-based workflow to upgrade firmware on deployed network devices. This includes the ability to complete live upgrades to reduce maintenance windows and ensure continuous operations. Upgrades can be completed at the site level and can also be scheduled during non-peak hours of operation. Lastly, rules governing firmware compliance can also be managed within the Aruba Central UI for all managed devices.

Extensibility Through APIs and Webhooks

For customers developing network automation frameworks, Aruba Central offers extensibility with other leading IT platforms and solutions through APIs and webhooks. By automatically pulling data from Aruba Central into these third-party solutions, network operators can programmatically trigger actions based on certain events or conditions. Common workflows that extend across multiple systems can be further automated, such as creating IT tickets in ServiceNow, or orchestrating configuration changes across hundreds of network devices using Ansible.

FedRAMP Authorized

Aruba Central has achieved an "Authorized" designation with the Federal Risk and Authorization Management Program (FedRAMP). Accreditations such as FedRAMP provide even stronger assurance that all companies or entities - including U.S. federal agencies and participating state and local (SLED) government IT departments - can confidently adopt Aruba Central's cloud-based services to simplify operations, reduce IT costs, and create greater value for their organizations. For further details on how Aruba Central can meet your organization's security and data privacy requirements, please refer to the technical brief.

Deploy and Manage Your Way

Aruba Central is available via software-as-a-service (SaaS), on-premises, and managed service models, giving customers the choice and flexibility required to suit a diverse set of technical, staffing, and financial requirements.

On-premises Deployments

Aruba Central On-Premises is ideal for customers who want the agility and efficiency of the cloud but need to adhere to stringent regulatory or compliance requirements. Customers with legacy network designs that may temporarily inhibit cloud adoption are also potential candidates for this option.

Aruba Central On-Premises is po