Using lectures and labs, the course builds upon concepts introduced in the Implementing Aruba WLANs course. SWDI covers content enabling the student to understand and implement advanced topics included in Aruba’s firewall features such as policy design, authentication and role derivation. Additionally, it covers subject material for building complex networks using Aruba’s Remote APs and multi-controller environments based upon the Aruba Campus Wireless Networks Validated Reference Design for network design and redundancy. The course is based on ArubaOS 6.1.
Network engineers with more than a single controller in the network.
Aruba Certified Mobility Associate (ACMA) certification (Required)
Implementing Aruba WLANs course (Recommended)
Ability to provision an Aruba controller with multiple SSIDs, captive portal and 802.1X
Aruba Architecture Review
The Aruba Solution, Aruba Architecture and Network Design , AP Groups.
Secure Jack, Wired Multiplexers, Configuring Secure Jack operation.
Remote Access Point (RAP)
RAP Introduction, New Platform, Rap2 and Rap5 Deployment, Pre-staging certificate, RAPs Zero touch deployments, Post Deployment RAP, Uplink Bandwidth Reservation, Content Security Service (CSS), RAP Local Client Access, Troubleshooting.
Virtual Internet Access (VIA)
VIA Introduction, Configuration, VIA Requirements and Installation, VIA Operations, Troubleshooting.
Site to site VPN
Site-to-Site overview, Configuration, Troubleshooting.
Master/local benefits, Inter-controller IPSec, Controller specific AP Groups, Multi Controller AP Configuration, VLAN Pooling, Named VLANs, AP Termination, Remote Node operations.
Mobility / Roaming
802.11 mobility review, Single Controller vs Multi Controller, L2 vs. L3 mobility, Understanding mobility domains, Configuring mobility domains.
Understanding master redundancy, Master Redundancy, DB Synchronization, Configuring master redundancy and VRRP.
Types of AP redundancy, Understanding N+1 redundancy, Understanding active-active redundancy using VRRP.
Wireless intrusion Protection
L1 attacks, L2 attacks, Rogue Detection and Containment, Threats and countermeasures, DoS Attacks, Surveillance, Impersonation/Man-in-the-Middle, Unauthorized Device Detection and Containment, Access Monitor, Best Practice, Management of IDS events, Rogue AP detection, location, and containment.
RFProtect features, Access Points and Air Monitors, Creating Air Monitors, Rogue AP detection, location, and containment, Rogue Classification, Configuring rule based classification, L3 Rogue Classification, Configuring containment, Wireless client “Tar Pit” containment, Wired Containment, Threats and countermeasures, Configuring IDS using wizard, WebUI Monitoring, IDS events logging.
Mesh Operations, Mesh Solutions, Mesh Clusters, Configuration of Mesh Portals and Mesh Points, Remote Mesh Portal, Mesh Troubleshooting.
2 (two) days.