Wi-Fi provider Aerohive Networks has today (28 January 2014) launched the Aerohive Mobility Suite, a cloud-enabled mobility management solution that simplifies the complexity caused by the influx of mobile devices.
The Mobility Suite includes three main components: the Client Management application, the ID Manager application, and integration with mobile device management software partners AirWatch and JAMF Software. The Mobility Suite simplifies enterprise networking and personalises mobility for enterprises and IT staff by extending visibility and control over mobile devices to the very edge of the network.
Speaking to Wireless, Abby Strong, senior product marketing manager at Aerohive, said: ‘Customers are struggling to get tens of thousands of devices onto their networks, especially with developments such as one to one programming in schools, so IT managers are getting overwhelmed trying to work out how to deal with the different types of devices and users coming on to their networks.
‘So, the main priority for us is to help them with client (device) auto-provisioning that is simple and seamless, where no separate enrollment portal is needed, and which works for Apple iOS Android, Windows and so on.’
Strong continued: ‘We’ve come up with Mobility Suite, which has two new applications, Client Management and ID Manager, and also the extended partnering arrangement with AirWatch and JAMF, to provide IT and Wi-Fi network administrators with total control over mobility.’
The Aerohive Mobility Suite extends management and control over a spectrum of clients, from transient guests to company-issued devices. Administrators can allow users to access the self-service portal and easily onboard devices, providing the appropriate balance of privacy and control across the complete spectrum of use cases—from those that simply require basic internet access, to devices that must have tightly controlled applications and content.
The cloud-enabled mobility management solution simplifies and automates onboarding, configuration, monitoring, and troubleshooting of connected devices, as well as personalising the mobile experience for end users based on available user, application, device and network context.
The Mobility Suite, combined with Aerohive’s Cooperative Control access points, routers, and switches, creates a unified, mobile-centric, access layer with consistent management across mobile clients and wireless or wired networks. This comprehensive solution enables lean IT departments to centrally manage and enforce policy on thousands of devices in hundreds of distributed offices.
Strong described the three tools in Mobility Suite as providing for the whole spectrum of usage on the network starting from cases where not much control of the device is needed to user cases where total control is required. She said that Aerohive has indentified five major use cases:
- Guests – where only temporary access is needed and no access to corporate resources is required
- Access BYOD – where the employee brings to work a purely personal device, which is not really intended much for work, but provides a way to access data for free
- Application BYOD – where the employee does intend to use their own device for work and need access to corporate resources
- Coporate devices – laptop, smartphones and tablets issued by the company with access to corporate resources
- Content – full content and app management required by the enterprise which needs very tight control and security (for example, a tablet used to take customer payments in a retail store.
Mobility Suite components
The Mobility Suite components deliver control over the complete spectrum of clients. This ranges from devices that simply require basic internet access that can be easily controlled at the network level to devices that must have tightly controlled applications and content, which must be controlled on the device.
For enterprises that want simplified guest access enforced by the network, the Mobility Suite includes Aerohive’s ID Manager application. ID Manager provides self-service portals and kiosk-based guest registration as well as simplified delivery of access credentials via SMS, email, and even Twitter Direct Messaging.
ID Manager uses Aerohive’s cloud technology to eliminate the need for additional hardware or software to deliver a scalable, simple-to-administer guest management solution that streamlines the onboarding of visitors.
ID Manager also can be used for simplified management of BYO devices with the use of the Employee Sponsorship functionality. Employees can register for guest credentials to connect their personal devices to the guest network. Going forward, Aerohive intends to streamline this process to simplify onboarding for BYO devices that only require basic network access and no device control.
For enterprises that require device-level control of corporate-issued and BYO devices in addition to network-level enforcement, the Mobility Suite includes Aerohive’s Client Management application.
With the Client Management application, an IT administrator can easily onboard and provision corporate-issued and BYO devices with unique client credentials, ensuring the security of corporate resources.
This enables device-level configuration profiles to be combined with device ownership to create personalised policies and controls for a mobile-first enterprise. IT administrators also gain unified management, with client information displayed in Aerohive’s HiveManager for easy monitoring and reporting.
The integration of Client Management with the context-based policy enforcement of Aerohive’s network infrastructure allows IT administrators to create mobile policies that utilize both network- and device-based information.
This unification allows greater visibility for troubleshooting and more sophisticated policies to be created, enabling changes in network state to trigger changes in device policy.
Advanced mobile device management partnerships
When enterprises require even more control over devices and content on those devices, including application management and securing corporate content, the Aerohive Mobility Suite also includes partnerships with leading mobile device management (MDM) vendors such as AirWatch and JAMF Software.
With the Aerohive infrastructure and HiveOS facilitating the enrollment and enforcing the continued installation of the MDM agent software, the Aerohive solution eases the burden on IT administrators who must deal with the complex task of enrolling devices with the MDM profile and ensuring these profiles stay installed.
Enhancements to the Aerohive-AirWatch integration allow Aerohive devices to query AirWatch management for enrollment and compliance status. When a connected device is determined to be out of compliance, the Aerohive devices can quarantine the out-of-compliance client device on the network as well as send a message to the user to remediate the device before they will be granted full access to the network again.
Empowering network management staff
Strong said it is up to individual companies and organisations to set access policy and how to implement it – who has access to what and when. For example, an employee from main office might visit a branch building housing sensitive engineering development and have his ability to share information disabled when entering that building in case he gets access to confidential information on new products.
‘The point is,’ says Strong, ‘Mobility suite gives IT managers not just a lot of control at network level, but also with the device profile. What we provide is powerful coupling between network level and device level control. However, the end user will see nothing, as it is all done by auto-provisioning.’
John Hanay, product line manager, mobility and BYOD at Aerohive, noted: ‘When you look at traditional businesses it was all built around standards, which became very common for desktops. That type of security is now being applied to wireless, but customers are trying to support a range of use types. Most IT departments start by trying to force device administration into one tightly controlled user model, but employees resist that. So, we looked at how to allow more flexible approaches that still gave administrators full visibility of what devices were on the network, where they are and what apps they are using.
‘We all want freedom of choice to choose our device and OS,’ continued Hanay, and we what the freedom to change that when we want to. But that makes it difficult for IT departments to support that in their environment, so we are giving them the tools to support the consumerisation process.’
Hanay pointed to the education sector in particular where one-to-one teaching initiatives can mean schools and colleges are investing in thousands of tablets, all of which have to be configured and access policies established.
‘iPads and the like are relatively cheap, so schools are putting the majority of their money towards the hardware and are not investing in more IT staff. So IT staff need the tools to manage the huge number of devices coming onto their networks all at once.’
Pricing and availability
Client Management is available as an annual subscription sold in packs of 100 devices for $1,200/year US list. Customers can take advantage of the cloud and try Client Management for free for the first 100 devices for 1 year!
ID Manager is available to customers starting at $500/year US list for 10 concurrent guest users and as low as $2 per device/year US list for BYOD users.
The forced enrollment integration with MDM partners is included beginning with HiveOS 6.0 as a free upgrade feature to Aerohive customers.