Byod 021413 Bookmarked Final

BYOD and Beyond
|m|ementing a unied
access solution
HP Solutions Series
John Faulkner
HP Press | www.hppress.com
Cover design: Stoere 8inken 0esign
About this book
Focusing on the business challenges and opportunities presented by BYOD,
r|c| meo|a, ano UC&C, || |oo| |nroouce |e || Un|eo w|reo ano w|re|e
Access solution of open, standards-based solutions. Discover how this
solution helps businesses of all sizes improve the user experience, strengthen
security, and simplify management, while reducing capital investments and
operating expenses.
This book is designed for IT department network directors or specialists who
are seeking solutions to their organizations unique networking issues in
responding to the challenges of technological trends, including BYOD, cloud
computing, virtualization, mobility, and rich media collaboration for a truly
un|eo acce o|u|on.
About HP
HP creates new possibilities for technology to have a meaningful impact
on people, businesses, governments, and society. As the worlds largest
technology company, HP brings together a portfolio that spans printing,
personal computing, software, services, and IT infrastructure to solve
customer problems. More information about HP (NYSE: HPQ) is available at
www.hp.com.
HP Solution Series
BYOD and Beyond:
Implementing a unifed
access solution
HP Press
660 4th Street, #802
San Francisco, CA 94107
BYOD and Beyond: Implementing a unified access solution
2013 Hewlett-Packard Development Company, L.P.
Published by:
HP Press
660 4th Street, #802
San Francisco, CA 94107
All rights reserved. No part of this book may be reproduced or transmitted in any form or by any
means, electronic or mechanical, including photocopying, recording, or by any information storage
and retrieval system, without written permission from the publisher, except for the inclusion of
brief quotations in a review.
Warning and disclaimer
This book is designed to provide information about HP Unifed Wired and Wireless Access. Every
efort has been made to make this book as complete and as accurate as possible, but no warranty
or ftness is implied.
The information is provided on an as is basis. The author, HP Press, and Hewlett-Packard
Development Company, L.P., shall have neither liability nor responsibility to any person or entity
with respect to any loss or damages arising from the information contained in this book or from
the use of the discs or programs that may accompany it.
The opinions expressed in this book belong to the author and are not necessarily those of
Hewlett-Packard Development Company, L.P.
Readers should be aware that Internet websites ofered as citations and/or sources for further
information may have changed or disappeared between the time this is written and when it is
read.
Trademark and acknowledgments
All terms mentioned in this book that are known to be trademarks or service marks have been
appropriately capitalized. HP Press or Hewlett Packard Inc. cannot attest to the accuracy of this
information. Use of a term in this book should not be regarded as afecting the validity of any
trademark or service mark.
Feedback information
At HP Press, our goal is to create in-depth technical books of the best quality
and value. Each book is crafted with care and precision, undergoing rigorous
development that involves the expertise of members from the professional
technical community.
Readers feedback is a continuation of the process. If you have any com-
ments regarding how we could improve the quality of this book, or other-
wise alter it to better suit your needs, you can contact us through email at
feedback@hppressbooks.com. Please make sure to include the book title in
your message.
We appreciate your feedback.
HP HEADQUARTERS
Hewlett-Packard Company
3000 Hanover Street
Palo Alto, CA
94304-1185
USA
Phone: (+1) 650-857-1501
Fax: (+1) 650-857-5518
HP, COMPAQ and any other product or service name or slogan or logo contained in the HP Press
publications or web site are trademarks of HP and its suppliers or licensors and may not be copied,
imitated, or used, in whole or in part, without the prior written permission of HP or the applicable
trademark holder. Ownership of all such trademarks and the goodwill associated therewith
remains with HP or the applicable trademark holder.
Without limiting the generality of the foregoing:
a. Microsoft, Windows and Windows Vista are either US registered trademarks or trademarks of
Microsoft Corporation in the United States and/or other countries; and
b. Celeron, Celeron Inside, Centrino, Centrino Inside, Core Inside, Intel, Intel Logo, Intel Atom,
Intel Atom Inside, Intel Core, Intel Core Inside, Intel Inside Logo, Intel Viiv, Intel vPro, Itanium,
Itanium Inside, Pentium, Pentium Inside, ViiV Inside, vPro Inside, Xeon, and Xeon Inside are
trademarks of Intel Corporation in the U.S. and other countries.
iv
Contents
Chapter 1 Business opportunities versus
networking challenges .......................................................1
Consumerization driving BYOD .......................................................... 2
Video driving UC&C .............................................................................. 3
Technological challenges to BYOD and UC&C solutions ................. 4
Consumer devices, video, and voice ............................................ 4
Legacy systems ............................................................................... 5
BYOD .................................................................................................. 5
Beyond the technical challenges ....................................................... 6
UC&C and rich media ....................................................................... 7
IT factors driving unified access ........................................................ 7
Vendors moving beyond physical connections ............................... 9
Gartner Magic Quadrant: HP a leader ............................................. 11
The HP solution.................................................................................. 12
Chapter 2 The HP Unified Wired and Wireless
Access solution ...................................................................... 15
Evaluating your current infrastructure .......................................... 16
Architectural considerations .......................................................16
Four top considerations ...............................................................16
Changing the rules of user access ................................................... 18
The HP three-phase approach ......................................................... 18
Phase 1: Unify wired and wireless networks ............................19
Phase 2: Optimize for wireless connectivity .............................20
Phase 3: Accelerateprovide wireless as the key form of
connectivity ................................................................................21
Unifying the campus edge with integrated functionality ........... 23
v
Chapter 3 Building a better network with HP ....................... 27
HP Unified Wired and Wireless Access ............................................ 27
HP wired switches for Unified Wired and Wireless Access ........... 29
HP WLAN access points and controllers for unified access ......... 33
Features and benefits of HP Intelligent Management Center ..... 36
Chapter 4 HP unified access meets the challenge ............ 41
Key unified access features: BYOD .................................................. 42
Key unified access features: UC&C .................................................. 43
Key unified access features: rich media ......................................... 45
Chapter 5 Expert resources and next steps ............................ 49
HP expertise ....................................................................................... 49
HP ExpertOne career certifications for IT professionals ............. 50
More resources .................................................................................. 52
Chapter 1
Business opportunities
versus networking
challenges
In this chapter
9 What are the technological challenges to implementing rich-media, bring-
your-own-device (BYOD), and unifed communications and collaboration
(UC&C) solutions which can also be virtualized?
9 What is the best way to unify a wired and wireless LAN (WLAN) edge?
9 What are the business requirements for implementing BYOD and UC&C policies
and procedures?
9 How do industry analysts position the HP solution for unifed wired and
wireless access?
9 What is the HP solution for BYOD and UC&C challenges?
The rise of bring your own device programs is the single most radical
shift in the economics of client computing for business since PCs invaded the
workplace,
1
writes analyst David Willis for Gartner, Inc.

Whether you are con-
templating the creation of a BYOD program or currently trying to establish
one, you already know that Mr. Willis is not overstating the obvious. There
are not only new device types coming online but also rich-media applications
that integrate voice, instant messaging, video, and email with enterprise
software. This adds a new dimension of integration so that employees can
communicate in real time and increases emerging technologies, such as vir-
tualization, which need specifc security and compliance requirements. And,
2 Chapter 1: Business opportunities versus networking challenges
although the trend has far-reaching implications not only for companies but
also for the global workforce, the solutions cannot be revolutionary but must
be evolutionary.
In this chapter, we examine the factors that are driving companies like yours
to implement BYOD and UC&C initiatives. The success of those initiatives is
dependent on the consolidation and simplifcation of the network. We also
explore business requirements for BYOD and UC&C initiatives and the reasons
HP is positioned as a leader. And we take a conceptual look at HP Networking
solutions.
Consumerization driving BYOD
Several consumer factors have shaped the acceptance of personal devices in
business environments:
z Approximately half of U.S. adults own a smartphone, with rates higher
among more educated and well-of individuals.
2

z The endpoint commodities, such as smartphones, tablets, and laptops,
used by consumers compared to business users are converging. In the
mid-1990s, devices used by business were very diferent from their con-
sumer counterparts. Today, however, consumer smartphones and tablets
often surpass the requirements of the business user.
z With signifcantly improved network performance, personal devices can
use powerful software that is in the cloud.
z Consumers not only have more demanding computing devices but they
are also upgrading faster than in the past.
Consequently, companies can keep up with mobile technology innovation more
efectively by catering to consumer devices rather than by adopting technol-
ogy at the slower traditional pace of business. BYOD programs can improve
employee satisfaction, which can be critical to attracting and retaining tal-
ented staf. Many Gartner clients report that satisfaction with IT improves
substantially among users who opt in to companies BYOD programs.
3
Plus,
consumer buyers can take advantage of device and domestic-service costs
that typically are on par with the deals that companies can leverage for their
employees. As this parity creates an impact on commodities and services,
the only diference between consumer and enterprise endpoints is the soft-
warean area that IT can afect and, in many ways, control.
3 BYOD and Beyond
Figure 1-1 Working environment requiring unifed access solution
Video driving UC&C
Like the BYOD movement, several factors have shaped the business video-
based communications that drive UC&C strategies, such as:
z Simplifed and more efective usage of the increasingly broad range of
communications and collaboration options, such as VoIP phones, for
example.
z Improved responsiveness of individuals and groups to events like video-
based webinars.
z Increased integration of communication functionality and tools, such as
Microsoft Lync with applications like Microsoft Ofce.
Some types of rich-media communications are more prevalent, such as web-
casts and video conferencing, and some are new, such as troubleshooting
manufacturing processes, creating transparency of government processes,
and surveillance. Others include customer and employee training, as well as
digital signage.
These UC&C methods can be divided into two categorieslive streaming
(such as one-to-many webcasts, one-to-one video conferencing, many-to-
one video collaboration, or many-to-one surveillance) and on-demand video
(training, downloading, movies, and digital signage). The demands on the
network are diferent for each one: real-time streaming is very susceptible to
network delays, and on-demand video is more resilient due to local bufering.
Rich communications over the network require an infrastructure that deliv-
ers low latency and high resiliency and that ensures end-to-end trafc pri-
oritization. The solution stack involves functionality from infrastructure to
application layers. The network layer supports functionality, such as wired
and wireless connectivity, QoS, virtualization, and optimization. The session
layer provides video-call initiation, user registration, and interoperability; the
application layer provides access to video application and integration with
other UC&C applications. Security and manageability span across each layer.
Technological challenges to BYOD and UC&C
solutions
IT is straining to adapt to the challenge of providing secure connectivity for:
z Users who are on the move.
z Devices that talk to one another without human intervention.
z Workers reliance on real-time, interactive, and cloud-based applications
and services.
Consumer devices, video, and voice
Campus and branch networks must adapt to the latest WLAN mobility require-
ments for the new digital lifestyle driven by the consumerization of IT. A 2012
Gartner survey of CIOs at Gartner Summit events in the United States and
Europe indicated that by 2014, 80 percent of the global workforce might be
eligible to participate in BYOD programs.
4
As video gains popularity for everyday collaboration, the rise of IP voice and
video is requiring campus networks to have higher levels of performance and
availability. To deliver the high-quality experience users expect from voice
and video (which is driven by consumerization), the campus network must
scale signifcantly to accommodate increased bandwidth, users, and services.
5 BYOD and Beyond
Legacy systems
Most enterprise networks were designed before the widespread adoption of
mobility. Distributed applications and video, PCs, servers, and other comput-
ers were stationary. Applications were client/server, and user connectivity and
network design were rigidly defned. Advanced threatsgrowing in sophisti-
cation and persistence every dayare bombarding corporate networks and
endpoints. Using legacy three-tier architectures to provide secure access to
workers who often access enterprise resources over both secured and unse-
cured wired, wireless, and remote connections is too complex and costly.
As employees personally owned smartphones, tablets, and laptops gain
access to the heart of corporate applications, resources, and data, the swift
uptake of BYOD programs heightens the challenge. The velocity of transition-
ing to these new requirements makes the divide wider between wired and
wireless on the campus and branch networks. Readily apparent to network
administrators, swivel-chair management is the norm as IT juggles mul-
tiple disjointed tools in an attempt to control the entirety of the enterprise
network.
BYOD
A BYOD strategy is often for a large minority of professional employees and
part-time workers, but it is also being considered for the majority of contrac-
tors, interns, consultants, and other workers not directly employed by the
enterprise. With a BYOD program, users are permitted certain access rights to
enterprise applications and information on personally owned devices, subject
to users accepting enterprise security and management policies. Users select
and purchase devices, although IT might provide a list of acceptable devices
for purchase. In turn, IT provides partial or full support for device access,
applications, and data. In each case, support might be limited. Each organi-
zation decides whether to provide full, partial, or no reimbursement for the
device or service plan.
ITs best strategy to deal with the rise of BYOD is to address it with a combi-
nation of policy, software, infrastructure controls, and education in the near
term and with application management and appropriate cloud services in the
longer term. BYOD impacts corporate risk, infrastructure and software costs,
customer service levels, and TCO. It typically requires delivery mechanisms
(app stores, fle-sharing systems, and desktop virtualization) and signifcant
technology protections, including authentication, network access control
(NAC), mobile device management (MDM) and mobile application manage-
ment, encryption, and content protections. It often forces companies to adopt
thinner-client architectures, multiplatform mobile-application development
environments and frameworks, and HTML5 for mobile applications.
Companies might decide for various reasons not to have a BYOD program. In
todays business world, however, it is as important to declare that personal
devices are not acceptable endpoints to access company data as a policy as it
is to develop a BYOD program. Otherwise, employees might assume that BYOD
is an acceptable practice, and this assumption can unnecessarily complicate
employee expectations and relationships.
Beyond the technical challenges
Although the technical challenges are most critical to the success of BYOD
initiatives, several administrative tasks are also fundamental to efectively
implementing and sustaining BYOD policies, including:
z Organization-specifc BYOD policies that are developed in conjunction
with Legal and HR.
z Guidelines for who is eligible (and who is not).
z New employee agreements for support, risk, and responsibility.
z Adjustments to service levels.
z Service-desk training.
z Funding and reimbursement strategies.
z Employee education.
z IT specifcations on acceptable devices.
The approach to BYOD policies typically requires customization by country. It can
also have tax implications for both employee and employer.
7 BYOD and Beyond
UC&C and rich media
Efective communication tools are critical for the success of businesses. With
the adoption of new technologies, business communications are constantly
changing. Not too long ago, new tools emerged, such as email, instant mes-
saging, collaboration applications, and thin clients. Presence has now become
an integral part of the repertoire of communication tools. As a result, legacy
telephony systems are migrating to VoIP systems to reduce operational costs
and to simplify integration with other UC&C tools.
Now, visual communication is in the vanguard, and businesses are deciding
how to make use of video. Video communication can be used to resolve cus-
tomers issues quickly, train employees and customers, and help executive
management teams communicate corporate priorities with an entire organi-
zation simultaneously. IP cameras are deployed in process manufacturing to
troubleshoot issues with production lines and for surveillance at public ven-
ues, like malls and stadiums. Frost & Sullivan research shows that 76 percent
of companies use some version of video conferencing today, and 38 percent
use it extensively throughout their organizations.
5
Legacy networks were designed to handle data communications. The con-
vergence of data, voice, video, and collaboration tools is pushing legacy net-
works to a breaking point. The impact of enabling video is immediately felt
on the network, so careful consideration must be given to designing optimal
networks with capabilities to support rich-media communications.
IT factors driving unified access
In addition to the demand for BYOD and UC&C solutions, limited IT resources
and reduced IT budgets are dictating what IT purchases and deploys at the
edge of the network. As businesses adjust the size of their infrastructures for
efciency, the number of switching ports at the network edge continues to
decrease. And, according to a 2012 Gartner survey, 76 percent of enterprises
have only one employee dedicated to making these changes.
6
As a result,
these changes are driving the evolutionary emergence of a unifed access
layer that provides both wired and wireless connectivity.
Gartner Report: Impact of WLANs and reduced complexity at the edge
According to Gartner research,
7
WLANs will address the new connectivity
requirements, and enterprises will re-evaluate how wired ports are used, elimi-
nating unneeded ports. IT organizations will reduce the complexity and costs of
provisioning and managing network components by eliminating the need for
duplicate network applications and consoles. The following is excerpted from
that report.
Impact: Wireless LANs will address new connectivity requirements, and
enterprises will rightsize the edge of the network by re-evaluating how
wired ports are used and eliminate unneeded ports.
IT organizations continue to scrutinize network designs. At the edge of the
network this includes understanding how many users are actually connecting
to the wired ports that are currently deployed within the enterprise. Standard
network tools will report to IT managers the number of times the network is
accessed and how active network ports have been for a defned period of time.
These reports will help enterprise eliminate unused ports without afecting ser-
vice to end users. Users are bringing more devices to the enterprise for connec-
tivity, and these new devices are seeking wireless connectivity, so rightsizing
the current usage of existing ports will decrease the number of switch ports
that need to be refreshed, as well as the savings associated with the mainte-
nance and requirements for additional upstream ports.
Impact: IT organizations will reduce the complexity and costs of provision-
ing and managing network components by eliminating the need for dupli-
cate network applications and consoles.
As switching companies continue to integrate wireless products into a unifed
access layer solution, enterprises are looking for the tools needed to provi-
sion, manage, secure and maintain all components with the access layer of
the network to be consolidated. It is no longer acceptable to have two diferent
network management applications or difering guest access applications, espe-
cially if the solution is being provided by the same vendor. Unifying network ser-
vice applications reduces complexity by providing a single display and reduces
costs associated with redundant solutions.
9 BYOD and Beyond
Impact: Network service application innovation is being delivered by WLAN
vendors, and enterprises will purchase this new function across the edge of
the network to both wired and wireless clients.
Innovative leadership functionality for network service applications in recent
years has been led by wireless vendors. The adoption of 802.1X for client
security across the network was enhanced when the industry felt that wire-
less networks were unsecure. Guest access has moved from a media access
control (MAC) access control list (ACL) with a single captive portal experience
to certifcate-based and Web-based authentication methods that provide a
front end to multiple captive portals that allow IT organizations to defne the
end-user experience with much more granularity. The ability to integrate con-
text-aware variables such as location, as well as time and date, provide even
more granularity for enterprises to control where and when users access the
network.
Vendors moving beyond physical connections
More frequently, vendors are providing network services and applications
beyond the physical connection, including:
z Role-provisioning and guest-access administration for wired and
wireless guests.
z Firewalls.
z Policy enforcement.
z Network management integrated with system management that is aware
of wired components and is WLAN-vendor independent.
z Onboarding and NAC, including authentication and authorization services.
z WLAN forensics.
z Intrusion protection for wired LANs and WLANs.
z Voice services that enhance the application, including integrating with
unifed communications services.
z Video services that enhance the application.
z Location-based services, context-oriented services, and asset
management.
As vendors continue to expand their functionality, they provide additional
information to enterprises, enabling clients to maximize the productivity and
ROI of all access-layer connectivity.
Unified access business requirements for BYOD and UC&C programs
To establish BYOD and UC&C programs, several business requirements must be
met:
z Secure network access for end users, regardless of device types, that
is, consistent security and policy enforcement for all wired and wire-
less devices.
z Provide seamless performance for enterprisewide applications across
the wired and wireless network so that video and rich media run
smoothly with wireless near-gigabit speeds.
z Accelerate productivity across the organization (rich-media access
from any wired or wireless device).
z Reduce the complexity and the costs of provisioning and managing
network components (integrated network management tools with
full network and application visibility).
z Purchase devices and software that are based on industry standards.
HP Networking is placed in the Leaders section* of the Gartner Magic Quadrant
for the Wired and Wireless LAN Access Infrastructure.
8

*Gartner does not endorse any vendor, product, or service depicted in its research
publications and does not advise technology users to select only those vendors
with the highest ratings. Gartner research publications consist of the opinions of
Gartners research organization and should not be construed as statements of
fact. Gartner disclaims all warranties, expressed or implied, with respect to this
research, including any warranties of merchantability or ftness for a particular
purpose.
11 BYOD and Beyond
Gartner Magic Quadrant: HP a leader
Gartner evaluation criteria
To place vendors in the Magic Quadrant for the Wired and Wireless LAN Access
Infrastructure arena, Gartner based its in-depth analysis on a wide variety of
criteria, from the efectiveness of the products to the health of the organiza-
tion, as well as presales, marketing, operations, and completeness of vision.
Ability to execute
z Product/service
z Overall viability (business unit, fnancial, strategy, or organization)
z Sales execution/pricing
z Market responsiveness and track record
z Market execution
z Customer experience
z Operations
Completeness of vision
z Market understanding
z Market strategy
z Sales strategy
z Ofering (product) strategy
z Business model
z Vertical/industry strategy
z Innovation
z Geographic strategy
According to the research analysts at Gartner, Connectivity at the edge of
the enterprise network is more than just a wired or wireless LAN infrastruc-
ture. Enterprises must choose infrastructure vendors that support network
services, including security and management, and can integrate wired and
wireless networking products.
9
To help its clients fnd the right vendor for their wired and wireless infra-
structures, Gartner has developed its Magic Quadrant for Wired and Wireless
LAN Infrastructure by evaluating vendors that supply such products with a
comprehensive set of criteria (see sidebar, Gartner evaluation criteria). The
quadrants four sections are labeled Challengers, Niche Players, Leaders, and
Visionaries.
The HP solution
HP integrates functionality to unify access at the network edge. The HP solu-
tion includes a comprehensive portfolio of campus access technologies so
that businesses can deliver high-performance, reliable network services to
growing numbers of mobile users, with many benefts, including:
z High-performance wireless to support todays and tomorrows mobile
devices.
z Optimal wireless and high-speed wired connectivity.
z HP Intelligent Management Center (IMC) role-based access and central-
ized policy enforcement for consistent wired and wireless security.
z Energy efciency for greater savings.
z Greater visibility into network and application performance with HP IMC
single-pane-of-glass management.
z Simplifed architecture with enterprise-class reliability.
z Global reach of HP sales channel, plus service and support.
13 BYOD and Beyond
Key takeaways
With the HP Unifed Wired and Wireless Access solution, IT can unify wired and wire-
less LANs to deliver consistent user experience, integrated security, and single-
pane-of-glass management.
9 End-device security and management, along with reliable network perfor-
mance for wired and wireless connectivity, optimized power, and clear visibil-
ity, are the key technological challenges faced by IT today.
9 Secure access, smooth enterprise-application delivery, worker satisfaction,
reduced complexity, and industry standards are key requirements for a uni-
fed access solution.
9 The HP Networking portfolio of solutions that provide wired and wireless
access, plus network managementall based on industry standardsis the
key reason behind HP leadership in the Gartner Magic Quadrant. The HP sales
channel and service and support provide global reach and access to opportu-
nities that few companies can match.
9 Campus networks can be unifed with the HP Unifed Wired and Wireless
Access solution to improve the user experience, strengthen security, and sim-
plify management. By integrating wired and wireless networks at the edge,
you can more efectively enforce security and manage the network as a cohe-
sive integrated system.
In the following chapters, we look at the details of the unifed wired and wire-
less access solutions, specifc HP technologies, their benefts and features,
and how these products and services meet the connectivity challenges of your
enterprise. We also outline next steps and describe how to take advantage of
key HP services to unify your enterprises wired and wireless connectivity.
References
1 Willis, David. Bring Your Own Device: New Opportunities, New Challenges. Gartner,
Inc. August 16, 2012. www.gartner.com/id=2125515
2 Smith, Aaron. Nearly half of Americans adults are smartphone owners. Pew
Internet, Pew Charitable Trust, March 1, 2012. www.pewinternet.org/Reports/2012/
Smartphone-Update-2012/Findings.aspx
3 Willis, David. Bring Your Own Device: New Opportunities, New Challenges. Gartner,
Inc. August 16, 2012. www.gartner.com/id=2125515
4 Disabato, Michael. Creating a Bring Your Own Device (BYOD) Policy. Gartner, Inc.
April 13, 2012. www.gartner.com/id=1983515
5 Best Practices for Successful Video CollaborationServices Make All the Diference.
Frost & Sullivan. July 2010. https://h30406.www3.hp.com/campaigns/2011/
promo/1B01ZS/pdf/FrostSullivanVideoCollaboration_PREVIEW.pdf
6 Zimmerman, Tim, and Mark Fabbi. Unifed Access Layer Forces Changes to
Infrastructure Thinking at the Edge of the Network. Gartner, Inc. March 20, 2012.
www.gartner.com/id=1955717
7 Ibid.
8 Zimmerman, Tim, and Mark Fabbi. Magic Quadrant for the Wired and Wireless LAN
Access Infrastructure. Gartner, Inc. June 13, 2012. www.gartner.com/id=2048215
9 Ibid.
Chapter 2
The HP Unified Wired and
Wireless Access solution
In this chapter
9 What issues should you consider before planning a unifed access solution?
9 What is the HP approach to implementing a unifed access solution?
9 What is the current HP Unifed Wired and Wireless Access solution?
9 What key features are critical to deploying a unifed access solution?
Now that your company has decided to implement a BYOD program, you
have been tasked with addressing the technical issues. Your legacy IT infra-
structure is struggling to keep up with current needs, and now you need to
ensure network performance for bandwidth-intensive applications, simplify
deployment and management, and maintain security with limited resources.
The preferred way for your users to connect to wireless is through a WLAN
rather than through lower-speed 3G or 4G networks.
Your employees and contractors around the globe need access to applications
from anywhere at any time to stay productive, which means applications
must be delivered fawlessly from a virtual data center to a virtual workplace,
around the clock. Before we look at the HP three-phase approach to unify-
ing your network access, consider the four top issues for evaluating a unifed
wired and wireless access solution that can help you design a road map for
success.
16 Chapter 2: The HP Unified Wired and Wireless Access solution
Evaluating your current infrastructure
Start your road map for a unifed network by assessing and evaluating your
existing network infrastructure and how your organization wants to grow
the network based on which applications need to be accessed by which users
and from which locations. Next, estimate the trafc load that wireless users
and new mobile applications will impose upon the wired and wireless infra-
structure. Then, identify potential bottlenecks that might require capacity
upgrades.
Architectural considerations
When unifying wired and wireless, there are also architectural considerations.
You need to provide unifed network access as part of a networking solution
that leverages common hardware and software. Then, you must also pro-
vide consistent and correlated wired and wireless services, such as network
management and policy enforcement, as well as a scalable network core to
optimize end-to-end application performance. When implemented correctly,
mobility appears as just another integrated service of an enterprise network-
ing solution, like routing and security.
Four top considerations
Before we describe the HP Unifed Wired and Wireless Access solution, we
take a look at the four top considerations to implementing a unifed wired and
wireless network:
z Level of integrationConsider the level of integration between wired
and wireless in a solution. Without the correct level of hardware integra-
tion, it is difcult for a solution to provide meaningful TCO reduction. For
wired network devices, consider either integrated chassis-based solu-
tions to lower acquisition costs, reduced rack space, and redundancy
for always-on unifed network access, or stackable switches that allow
for growth over time. For wireless solutions, consider the latest genera-
tion of 802.11 technology for increased throughput, performance, and
reliability.
17 BYOD and Beyond
z Comprehensive, unifed network managementIt is no longer accept-
able to have multiple network management applications or difering
guest access and BYOD solutions. A common, intuitive, and automated
solution for provisioning, monitoring, troubleshooting, and reporting
that is based on combined and correlated wired and wireless network
information is essential. This reduces software complexity, maintenance
costs, and unplanned downtime by eliminating the need for redundant
network management applications. In other words, unifed management
should improve operational and administrative efciency, along with
problem resolution. As a result, your IT staf has more time to focus on
strategic initiatives.
z Integrated securityRole-based access and centralized policy enforce-
ment ensure that security and policies are assigned and applied consis-
tently for wired and wireless network access. Also, consider solutions
with integrated BYOD support to provide network access control, policy
enforcement, and quarantining for employee-owned devices, ensuring
the security and regulatory compliance of your network infrastructure.
z Open standardsA unifed access layer that is based on industry stan-
dards ensures a level of compatibility with installed endpoints and sys-
tems, and it simplifes support and integration of applications in your
network. A survey from Information Week Analytics on its Network
Computing website confrms that IT buyers favor products built to indus-
try standards over those with the latest innovation.
1
The report also
notes a general wariness of proprietary features, where many cutting-
edge capabilities are in fuxeither the standards arent complete or are
yet to be widely adopted. (For more information, see also the HP article,
Top 4 Considerations for Unifed Wired and Wireless Access Solutions
by Martine Velkeniers at h30507.www3.hp.com/t5/HP-Networking/
Top-4-consi derati ons-for-Uni fi ed-Wi red-and-Wi reless-Access/
ba-p/128941.)
Changing the rules of user access
At HP, we are changing the rules of networking with HP FlexNetwork architec-
ture, a component of proven HP Converged Infrastructure (for more informa-
tion about HP Converged Infrastructure or HP FlexNetwork architecture, go to
h17007.www1.hp.com/us/en/converged-infrastructure/). With FlexNetwork
architecture (see Figure 2-1), networks can be open, scalable, secure, agile,
and consistent from the data center, where applications are generated, to the
campus and branch, where users consume them.

Figure 2-1 The HP FlexNetwork architecture
With HP FlexCampus, an integral part of HP FlexNetwork architecture, you can
unify wired and WLAN campus networks to deliver consistent user experience,
integrated security, and single-pane-of-glass management. The solution seam-
lessly connects servers, storage, applications, and end users across a high-
performance network with one management platform to give you a simplifed
architecture, improved security, agile service delivery, and reduced IT costs.
The HP three-phase approach
The HP vision is an evolutionary three-phase approach to unifying network
access that protects your existing investments and minimizes disruption
along the way. In the frst phase, you begin by unifying your existing wired
network with your wireless network. In the second phase, you optimize the
campus network for wireless connectivity. And, in the third phase, you accel-
erate by establishing wireless as the key form of connectivity, ofering wired
as needed (see Figure 2-2).
19 BYOD and Beyond
Figure 2-2 HP three-phase approach to unifying access
Phase 1: Unify wired and wireless networks
In the frst phase, you unify access to wired and wireless networks to bring
together these once-disparate networks in a seamless fashion. Unifying
access improves the user experience and lowers capital and operational
expenses. HP provides the fexibility to choose networking solutions that ft
your companys business needs. We ofer a broad portfolio of wired switches
and wireless LANs, and we continue to evolve our switches and mobility
solutions.
HP ofers the following to unify the wired and wireless LAN access layer
components:
Integrated and dedicated wireless controllersSeamless integration of
WLAN controllers with HP fxed and modular switching platforms is an option
from HP. These integrated controllers unify hardware to provide the neces-
sary high availability and redundancy with one device to manage. Another
option is dedicated mobility controllers, which are also available for custom-
ers with multivendor wireless networks.
Unifed management and BYODHP Intelligent Management Center, or IMC,
provides network monitoring and security for wired and wireless networks.
HP IMC gives IT a single-pane-of-glass management application for the cam-
pus network and for data center and branch ofce networks.
The HP Unifed Wired and Wireless Access solution leverages technologies in
HP IMC and the network infrastructure to protect company-issued and per-
sonally owned mobile devices. Your administrators can specify the network
access rules, policies, and endpoint health posture requirements to meet
your organizations policies and industry-compliance requirements. IT can
also manage BYOD devices across the full cycle, including device onboard-
ing, provisioning, and monitoring, from the same tool. Network security and
performance policies for BYOD and company-owned mobile devices can be
dynamically provisioned based on user, device, location, and endpoint secu-
rity health.
Unifed featuresBecause all HP products are based on industry standards,
IT can deploy consistent features and access policies for all devicesno mat-
ter what type of device it is. Features, such as 802.11x, sFlow, and QoS, can
be set once and pushed to all devices to provide consistency across the net-
work. Also, with features such as Power Over Ethernet (PoE), management
policies can be set to turn of devices at certain times during the day to help
with energy efciency.
Phase 2: Optimize for wireless connectivity
After implementing unifed wired and wireless access in Phase 1 with the cur-
rent HP tools, you can further optimize the WLAN on your campus networks.
It is a new opportunity to rebalance your networks to make the WLAN ubiqui-
tous. You can also reduce redundant access where and when it makes sense
to further reduce capital and operational expenditures through HP Virtual
Application Networks.
In addition, HP RF optimization features and HP Wi-Fi Clear Connect software
are important in further optimizing the performance of your wireless campus
network. HP Wi-Fi Clear Connect automatically monitors and tunes the per-
formance of your WLAN and adjusts to the changing RF conditions present
in your environment. These capabilities make it easier for you to deliver the
seamless Wi-Fi experience that your workers expect today.
21 BYOD and Beyond

Figure 2-3 HP Virtual Application Networks with HP FlexNetwork
architecture
Phase 3: Accelerateprovide wireless as the key form of
connectivity
In the third phase, you establish wireless as the key form of connectivity and
wired availability as needed. During this phase, your IT can move to an all-
wireless network. You can also deploy Virtual Application Networks auto-
mation and administration with SLA monitoring, global policy management,
highly granular access-based threat management, and agile provisioning.
HP Virtual Application Networks delivers large-scale performance, resil-
iency, and security, as well as improved wireless capacity through RF innova-
tion, such as multiuser multiple input and multiple output (MIMO) and smart
antenna technology, along with advanced network management tools. In
addition, Virtual Application Networks provides a seamless interface to the
suite of HP Business Process Management tools for dynamic problem reso-
lution, advanced analytics and client self-provisioning, distributed QoS and
application support, and per-port intrusion prevention with acceleration.
Figure 2-4 HP Virtual Application Networks
Administrators use templates to characterize application-delivery require-
ments to ensure optimal application performance and reliability. Diferent
virtual networks can be designed to ft the needs of your various ten-
ants, applications, and services. Policy templates specify a broad range of
parameters, from QoS to security to bandwidth requirements. Polices are
enforced consistently, even in global networks. The foundation of the Virtual
Application Networks solution is HP IMC, which provides the tools to design,
create, and manage these virtual networks. Ultimately, your administrators
can quickly and efciently design network connectivity and instantly connect
new services, applications, and users to your network. Another key advance
is that IT can manage the network with policies rather than with CLI scripts.
23 BYOD and Beyond
Unifying the campus edge with integrated
functionality
The HP Unifed Wired and Wireless Access solution gives your IT the platform
it needs to capture todays rich-media, BYOD, UC&C, and converged-infra-
structure transformations to enable business innovations. Selecting products
from the comprehensive HP portfolio of campus access technologies, your
business can deliver reliable high-performance network services to mobile
users and rich-media applications. With guest and BYOD access, high-speed
performance, consistent policy enforcement, and single-pane-of-glass man-
agement, HP unifed access solutions deliver a clear advantage over stand-
alone wired or wireless LAN solutions.
High-performance wirelessHP ofers a portfolio of high-performance
wireless solutions, including dual 802.11n 450 Mb/s access points (APs) with
three-stream technology. Also, HP MultiService Mobility (MSM) access points,
RF optimization features, and wireless controllers deliver the wired-like per-
formance needed to support todays mobile workers.
Optimal wireless connectivityEnterprises and solution providers can use
HP RF Planner to accurately model WLAN coverage by factoring in variables,
such as physical features, building materials, and WLAN equipment char-
acteristics. With RF Planner, your network architects can optimize 802.11n
networks for todays dense mobile environments. RF Planner also facilitates
deployment by assessing security risks and generating equipment lists.
As organizations add WLAN capacity to meet workers mobility needs, they
typically deploy more PoE. PoE gives organizations greater fexibility in
deployment and eliminates the need to run additional wires to power wire-
less access points or IP phones, IP surveillance cameras, and other devices.
HP supports 802.3af PoE and IEEE 802.3at PoE+ in a broad selection of HP
switches.
Unifed security and policyIn a world where users are constantly on the
move, you can unify access control with HP products to strengthen your secu-
rity. Permissions are associated with a users identity, so the appropriate
security policies are appliedregardless where the user goes. IT has a con-
sistent method to provide guest and BYOD access, user authentication, policy
enforcement, and user management, whether users connect over wired or
wireless networks. Unifying access control also reduces the number of net-
work tools. And it reduces the complexity and cost of the network application
services needed to provision, manage, and authenticate users across one or
multiple enterprises.
Today, with the HP Unifed Wired and Wireless Access solution, you can deploy
hardware platforms on the access layer with integrated functionality that
deliver unifed wired and wireless LAN connectivity, including guest access,
single-pane-of-glass management, and reliable security and policy enforce-
ment. With this integration, you can deliver a consistent user experience while
minimizing capital and operational expenditures.
Energy efciency for greater savingsWith HP solutions, you can optimize
power for your campus networks and thus deliver additional savings. Multiple
HP switches support Energy-Efcient Ethernet (EEE). Also known as IEEE
802.1az, EEE optimizes switches power usage by reducing power to switch
ports when they are not transmitting or receiving.
In addition, multiple HP switches conserve power through power-manage-
ment techniques implemented in the highly integrated HP ProVision applica-
tion-specifc integrated circuits (ASICs), including voltage islands and variable
clocking, which reduce the chips power consumption.
Greater visibility into network performanceHP products support sFlow,
which provides clear visibility to the usage and active routes of both wired
and wireless connections. Integrated support for sFlow across HP Networking
portfolio means higher performance and a more cost-efective solution. Using
HP sFlow, your administrators have insight into metrics, such as top talkers,
top applications, and network connections, on wired and wireless networks.
Network monitoring and troubleshooting is simplifed with a unifed access
layer, and support for sFlow is essential for gaining visibility to the unifed
network.
Single-pane-of-glass managementHP IMC delivers unifed and consistent
management for all network components, including wired and wireless net-
works, and delivers single-pane-of-glass management. In addition, access
control, application performance management, and management of Virtual
Application Networks on the campus are modular features that can be added
to IMC, further extending its rich capabilities.
25 BYOD and Beyond
Role-based access and centralized policy enforcementIdentity-based
access ensures that the appropriate security and policies are applied consis-
tently, whether the user connects through a wired or wireless LAN. Advanced
QoS provides your users with the optimal experience, even when using time-
sensitive voice, video, and other rich-media applications. With HP IMC, you
can enforce the controls you need, while giving users the freedom to use the
mobile devices they want.
Enterprise-class reliability and lifetime warrantyAll HP Networking
switches that are part of the HP Unifed Wired and Wireless Access solution
are backed by the HP lifetime warranty with next-business-day advance
replacement. There is no charge for software updates and phone support.
This lifetime warranty from HP with free, normal-business-hours phone sup-
port drastically reduces your TCO. While most businesses pay close attention
to the availability and reliability of their core networks, campus networks are
often considered to be less critical. However, mobility makes the resiliency
of the campus network more important than ever before. If a wired switch
fails, the attached access points can lose connectivity, potentially cutting of
network services to hundreds of users. HP access switches are prepared to
meet high levels of reliability, and they are designed with redundant and hot-
swappable power supplies, modules, and fans to ensure continuous network
operations.
Key takeaways
Before you begin planning for a unifed network, there are several issues to take into
consideration. After you understand these issues, you can use the HP three-phase
approach to implement your strategy without disrupting your companys network.
Using HP Networking products, you can implement your BYOD and UC&C policies
while planning for future needs.
9 Ensure high performance for bandwidth-intensive applications, simplify
deployment and management, and maintain security with limited resources.
9 Use an evolutionarynot revolutionaryapproach to move from a mostly
wired solution to a high-speed, secure, mixed wired and wireless solution. Use
the HP three-phase approach to bring legacy networks into unifed networks.
9 Deliver a unifed solution to campus networks to improve the user experience,
strengthen security, and simplify management with an HP Unifed Wired and
Wireless Access solution.
9 Capture todays rich-media, BYOD, UC&C, and converged-infrastructure capa-
bilities to enable business innovations at the edge of the network with the HP
Unifed Wired and Wireless Access solution.
In Chapter 3: Building a better network with HP, we take a look at current HP
wired, wireless, and management features and benefts that can help you
build and optimize your network for unifed wired and wireless access.
Reference
1 Mullins, Robert. Network Buyers Survey: Standards Trump Features. January
11, 2012. www.networkcomputing.com/next-gen-network-tech-center/
network-buyers-survey-standards-trump-f/232400059
Chapter 3
Building a better network
with HP
In this chapter
9 Which three key product components make HP Unifed Wired and Wireless
Access possible?
9 What is required of wired devices to access a unifed network?
9 What is required of wireless devices to access a unifed network?
9 What should network management software be able to do for a unifed access
network?
HP Unified Wired and Wireless Access
With the comprehensive HP Networking portfolio of campus access
technologies, businesses can deliver reliable high-performance network ser-
vices to the growing numbers of mobile users.
28 Chapter 3: Building a better network with HP

Figure 3-1 Features of the HP Networking portfolio at work
With guest and BYOD access, consistent policy enforcement, and single-pane-
of-glass management, HP Unifed Wired and Wireless Access solutions deliver
many benefts, including:
z Single-pane-of-glass management with HP Intelligent Management
Center, or IMC, which simplifes network management and delivers reli-
able security for wired and wireless networks.
z Unifed access and policy control associated with a users identity, which
provides consistent guest and BYOD access, user authentication, policy
enforcement, and user management across wired or wireless networks.
z Integrated 802.11n WLAN controller modules for HP modular switching
platforms, which save you real-estate space and provide redundancy for
always-on network access.
z Dedicated mobility controllers, which are available to deliver fexibility
and choice.
z EEE, IMC power-saving policies, and other power-saving features, which
help decrease your total energy costs.
29 BYOD and Beyond
HP wired switches for Unified Wired and Wireless
Access
When legacy networks are pushed to the limit, they become fragile, vulner-
able, difcult to manage, and expensive to operate. Businesses with networks
at this breaking point risk missing the next wave of opportunities, such as
BYOD and UC&C. HP ofers a variety of switches that help meet the needs of
various network environments. These switches provide connectivity, perfor-
mance, scalability, security, and energy efciency, and they all can be man-
aged through single-pane-of-glass management software.
Industry standardsAll HP switches are built on industry standards. You
beneft from the open, standards-based approach that provides your busi-
ness scalability, security, agility, and a consistent user experience. With HP
FlexNetwork architecture, you can build a modular, heterogeneous network
with interoperable multivendor components to extend wireless and wired net-
works that are integrated, secure, and easier to manage. The HP FlexNetwork
architecture is a solution that adapts to your business conditions and gives
you a new way to connect and condense architecture with single-pane-of-
glass management.
1 GbE and 10 GbEWith switches that provide 1 GbE access and 10 GbE
uplinks, you can minimize network bottlenecks, which are often the result of
employees straining the capabilities of the network with bandwidth-intensive
applications, such as streaming video. HP has designed several switch series
to alleviate this problem with 1 GbE connections to client devices and up to 10
GbE to the core.
Layer 2 and Layer 3 functionalityHP access switches have the resiliency,
scalability, and Layer 2 and Layer 3 functionality needed to support migration
from the traditional three-tier networking model to a consolidated two-tier
model that is based on one collapsed tier for Layer 2 and Layer 3 distribu-
tion and access switching. The benefts of a single layer of aggregation in the
wiring closet include reduced switch count, simplifed trafc fow patterns,
elimination of potential Layer 2 loops, as well as STP scalability issues and
improved overall reliability.

Figure 3-2 HP optimized core and access layers
Power Over EthernetPoE provides convenience, cost savings, and in some
cases, solutions that are very difcult to conveniently provide any other way.
For example, clients can be placed wherever they are needed without requir-
ing power in proximitythey need only the wired Ethernet connection. The
most obvious client type that can take advantage of this is the wireless AP,
which can be situated for best radio-signal characteristics or hidden overhead
in the ceiling without having to pull power to that spot.
Another key beneft of PoE is cost savings. Getting power to areas that are not
typically served by power can greatly reduce installation cost. Power circuits
require electricians and breaker boxes, and providing power in the Ethernet
cable avoids these issues. Moving the client, if necessary, is also much easier.
Also, PoE enables solutions that are not otherwise available. For example,
building infrastructure, such as network-controlled door locks or security
cameras, are difcult to implement without PoE power. Many of these solu-
tions cannot fulfll the fexibility of location without PoE.
QoS and bandwidth managementAdvanced QoS features in HP switches
ensure that your employees have the optimal experience, even when using
time-sensitive voice, video, and other rich-media applications. Also, HP sFlow
provides clear visibility into the usage and active routes of both wired and
wireless connections, and integrated support for HP sFlow across the HP
Networking portfolio means higher performance and a more cost-efective
solution. HP sFlow gives administrators insight into metrics, such as top talk-
31 BYOD and Beyond
ers, top applications, and network connections, on wired and wireless net-
works. Network monitoring and troubleshooting are simplifed with a unifed
access layer, and support for sFlow provides essential visibility into the uni-
fed network.
High availability built inSome HP access switches have redundant hard-
ware components, such as power supplies and fans. These components can
be hot-swapped when they fail without afecting network trafc. If one of the
modules fails, advanced chassis switches ofer redundant fabric and manage-
ment modules that provide nonstop switching and routing. Advanced fea-
tures, such as In-Service Software Upgrade (ISSU), are typically deployed in
the network distribution and core devices to minimize downtime.
Energy Efciency EthernetEEE is a physical-layer standard that reduces
network power consumption by disabling transmit logic when there are idle
periods. The key beneft of EEE is realized when port trafc is underutilized.
EEE works out of the box and does not require any management software
that needs additional overhead or monitoring. When two EEE devices are con-
nected, you immediately start realizing the energy savings.
Depending on trafc patterns and idle periods, power savings can be fairly
substantial because PHY power consumption is second only to packet-pro-
cessing silicon. And because EEE is an inter-network (versus an internal)
power-saving mechanism, power savings are achieved on both the receiver
and the transmitter switch. The periods of power-saving enablement are con-
trolled by a standard link protocol negotiated on both sides of a link. Thus,
the energy savings are in real time and can be realized across the connected
network devices.
SecurityIdentity-based access ensures that the appropriate security and
policies are applied consistently, whether users connect through a wired or
wireless LAN. Advanced QoS ensures that your users have the optimal expe-
rience, even when using time-sensitive voice, video, and other rich-media
applications. With our access switches, you can enforce the controls you need
while giving users the freedom to use the devices they want. Many HP switch
products fully support 802.1x access control as well as Mac-Address Failure
Redirect (MAFR), which enables Simple Network Access Control (SNAC), a sim-
pler way to support BYOD. Devices are authenticated and authorized before
accessing the network, reducing vulnerabilities and security breaches.
Stacking and modular functionalityHP ofers a variety of modular and
fxed-port, stackable switches to meet your networking requirements.
Modular switches often provide maximum fexibility and investment protec-
tion, and they ofer an array of interface modules that are typically cycled
through upgrades at least three times over a period of seven to ten years.
Modular switches usually ofer much better backplane performance than a
stack of switches, and they normally have better power utilization on a per-
port basis than a stack. Because the switch management is isolated from the
I/O modules, an I/O failure has no impact on either the switch performance or
the other ports on the chassis.
With the HP set of switch virtualization technologies, your enterprise can dra-
matically simplify the design and operations of your campus fxed-port net-
works. HP stacking technologies essentially fatten campus networks, helping
to eliminate the need for a dedicated aggregation layer, and provide direct,
higher capacity connections between your users and network resources. Your
enterprise can overcome the limitations of legacy design and inefcient pro-
tocols by delivering new levels of network performance and resiliency.
HP switch virtualization technologies extend the performance and scalability
benefts of modular, chassis-based switches to both modular and stackable
switches. You no longer need to compromise enterprise capabilities for the
convenience and cost of a stackable switch. These HP switch virtualization
technologies, including HP Intelligent Resilient Framework, or IRF, and HP
Mesh, are included in a variety of HP campus switches.
UC&C application integrationVoice services that enhance applications
can be integrated in a switch as part of your companys unifed communica-
tions services. The HP AllianceOne Partner Program is focused on enabling
you to deliver secure, best-in-class networking solutions for your enterprise.
HP AllianceOne gives you the confdence that the joint solution works and is
supportedwhile providing the right application choice. This confdence is
provided through selected channel partners, HP support, and HP AllianceOne
Networking solution certifcations. You can rely on HP Networking channel
partners who are qualifed in both HP and alliance partners products to pro-
vide support services for the combined solution.
33 BYOD and Beyond
HP WLAN access points and controllers for unified
access
By the end of the decade, an estimated 50 billion devices will connect to wire-
less networks.
1
For worker and machine-to-machine transactions, WLAN will
emerge as the preferred method of network connectivity. One day very soon,
a wired-only network will be the exception.
Yet, many enterprises have found that their existing WLAN deployments
deliver a substandard user experience compared to wired networks. Distance
limitations of legacy WLAN implementations hinder true mobility, and perfor-
mance of those networks inhibits video delivery. In addition, securing a WLAN
often requires a separate platform, which drives up complexity and cost and
potentially impacts performance.
Nonblocking optimized architectureHP MultiService Mobility (MSM) APs
and MSM wireless controllers deliver the wired-like performance needed to
support your mobile workers who rely heavily on smartphones, tablets, and
laptops. The optimized HP WLAN architecture supports fexible trafc distri-
bution models and combines centralized management and control with intel-
ligent access points at the edge of the network for unparalleled scalability,
performance, and ease of deployment. The highly extensible WLAN architec-
ture and product family (which includes HP MSM 802.11n APs and HP control-
lers) enable optimal performance with low impact on the wired backbone, no
single point of failure, and cost-efective scalability.
MSM APsHP dual-radio three spatial-stream 802.11n APs give you near-
gigabit client access and support twice the number of users compared to two
spatial-stream access points. Sitting at the wired-wireless boundary, these
intelligent APs can apply policies and forward packets directly between cli-
ents and servers or can forward trafc to a centralized WLAN controller for
handling so that your network planners have greater choice and fexibility as
they roll out and expand wireless infrastructure.
The APs also leverage RF optimization features, such as beam-forming and
band-steering, to optimize client performance and to move 5 GHzcapable
clients to the less-congested 5 GHz spectrum. This leaves the 2.4 GHz for
clients that are not 802.11n capable, which increases your overall network
capacity. Your IT administrators can also use channel bonding in the 5 GHz
spectrum to double efective throughput for high-bandwidth applications and
BYOD trafc.
HP WLAN controllersYou can meet the needs of any size organization,
from small ofces to large enterprise campuses. HP controllers provide
refned user control and management, comprehensive RF management and
security, fast roaming, strong QoS and IPv4/IPv6 features, and powerful
WLAN access-control capability. The controllers support both central-
ized and distributed forwarding to deliver fexible deployment options
that optimize trafc fow, reduce latency, and increase WLAN scalability. HP
large-enterprise controllers provide resiliency and high availability with 1+1
fast backup and N+1 and N+N redundancy options. HP 1+1 redundancy option
supports subsecond failover to ensure continuity of services in large enter-
prise networks.
Working together with HP APs, the HP WLAN controllers can be deployed on
Layer 2 or Layer 3 networks without afecting existing confgurations. HP
WLAN controllers can be integrated with existing fxed and modular switching
platforms. The HP portfolio also includes dedicated mobility controllers for
overlay deployments. HP integrated controller modules for midmarket and
enterprise switching platforms unify hardware to provide the necessary high
availability and redundancy with one device to manage.
Self-optimizing WLAN performanceWith the HP unifed access solution,
your WLAN is self-healing, so you do not need to worry about users encoun-
tering dead spots or unpredictable performance when there is RF interfer-
ence or if an AP or radio fails. HP Wi-Fi Clear Connect software automatically
adjusts to changing RF conditions and delivers reliable Wi-Fi service to your
users.
HP Wi-Fi Clear Connect uses advanced Radio Resource Management (RRM)
to optimize WLAN performance and reliability, mitigate interference, detect
wireless threats, and simplify management. RRM automatically assigns and
tunes the transmit power levels and RF channels on APs to optimize the
system-wide performance and reliability of your WLAN. RRM takes place in
the background. Each AP scans all its available radio channels to monitor and
identify RF interference from nonWi-Fi sources. If an AP detects persistent
interference, it chooses the best alternative channel after verifying that the
interference is not present on the alternative channel. Scanning happens
quickly so that it does not impact the APs ability to service clients.
35 BYOD and Beyond
For example, if an AP detects interference from a microwave oven on Channel
1, it automatically changes its clients to Channel 11 (see Figure 3-3). The AP
minimizes disruptions as Wi-Fi devices are moved to the new channel, so
users IP voice and application sessions continue without pause.

Figure 3-3 Automatic interference mitigation
Wi-Fi Clear Connect further helps you improve your users Wi-Fi experience by
using dynamic client load balancing and airtime fairness. Dynamic client load
balancing is especially important in dense environments, such as classrooms
or conference rooms, as well as for supporting BYOD initiatives. With dynamic
client load balancing, the software determines the client load of its neighbor-
ing APs or the average number of clients per radio per band that the AP sup-
ports. It then balances the client load among APs by adjusting the transmit
power to move the clients gracefully to a less-crowded AP, which gives users
greater performance and a better experience.
Specifcally, airtime fairness enhances the user experience for 802.11n
devices. In a mixed network where 802.11a/b/g clients transmit at lower
speeds than 802.11n devices, the performance of the faster 802.11n laptops,
tablets, and smartphones can sufer. But with airtime fairness built in to the
HP WLAN system, all Wi-Fi clients are ensured equal transmit time over the
air. This way, one client cannot dominate the bandwidth, none of the Wi-Fi
devices starve, and the older, slower Wi-Fi devices do not hold up the faster
802.11n laptops, tablets, and smartphones. Airtime fairness is also aware of
the underlying QoS policies, ensuring that voice and other high-priority trafc
is never delayed by low-priority trafc.
HP Wi-Fi Clear Connect safeguards the WLAN against wireless threats with
an integrated wireless intrusion detection system (WIDS). The WIDS detects
common threats, including denial-of-service attacks, as well as unauthor-
ized APs and clients. Wireless threat detection is built in (no additional license
fees), and with it, your administrators can deploy APs as dedicated sensors or
in a hybrid mode that provides both sensor functionality and client services.
HP RF PlannerWith the HP RF Planner, you can model WLAN coverage accu-
rately by factoring in variables, such as physical features, building materi-
als, and WLAN equipment characteristics. Using this software, your network
architects can ensure that your 802.11n network is optimized for the dense
mobile environments that support todays mobile workers and tablets.
Features and benefits of HP Intelligent Management
Center
Using diferent toolsetsone for your wired network, one for your wireless
can be challenging to your eforts to manage your network, not to mention
troubleshooting the root cause of issues afecting either one. Instead of turn-
ing to a myriad of network management tools, your IT staf can use HP IMC
for single-pane-of-glass management across wired and wireless devices and
other multivendor network infrastructures that require in-depth control and
management of virtual environments. You can easily fnd and rectify issues
with the HP IMC deep visibility and management of both networks. HP IMC
delivers unifed and consistent management for all network components,
including wireless and wired networks. The single IMC console manages more
than 6,000 devices from 220 manufacturers, plus the complete HP portfolio.
HP IMC provides full-fault, confguration, accounting, performance, and
security (FCAPS) management and scales easily from small to very large
deployments. It is a modular platform that deepens the breadth and depth
of network management functions and other network services when needed.
By consolidating what traditionally is deployed as a variety of separate tools,
IMC simplifes operations and management and boosts network availability
through improved mean time to repair (also known as MTTR) through a single
place for monitoring and remediation.
37 BYOD and Beyond
HP IMC network access controlHP IMC uses role-based access and cen-
tralized policy enforcement, that is, identity-based access ensures that the
appropriate security and policies are applied consistently to users and their
devices regardless of whether they connect through a wired or wireless
LAN. The access-control solution of HP IMC consists of three components
that are integrated seamlessly in the IMC base platform and provides NAC,
policy enforcement, and quarantining to ensure the security of the network
infrastructure:
z HP IMC User Access Manager (UAM) module is the frst component of
the NAC solution. IMC UAM extends management to wired, wireless, and
remote network devices and enables the integration, correlation, and
collaboration of user- and network-device management on one platform.
By providing authentication and authorization for devices accessing the
network, IMC UAM helps reduce vulnerabilities and security breaches. For
granular, consistent policy enforcement across users and devices, IMC
UAM also identifes devices through fngerprinting.
z The second component, IMC Endpoint Admission Defense (EAD) service
module, provides security policy management and enforcement for
ensuring that end-user devices comply with established security poli-
cies. With IMC EAD software, which works in conjunction with HP IMC UAM,
administrators can control endpoint admission based on each devices
identity and posture. If an endpoint is not compliant with the established
policies, access to the network can be isolated or blocked for remedia-
tion. Also, for ongoing protection, IMC EAD software continually monitors
each endpoints trafc, installed software running processes, and registry
changes.
z The third component, IMC iNode client, is an agent that is installed on
the end-user computer. The IMC iNode client works in conjunction with
both IMC UAM and EAD to provide access, authorization, security man-
agement, and enforcement. The IMC iNode client works with the IMC UAM
service module to ensure that the access policies defned in IMC UAM
for access, authorization, and authentication are both supported and
enforced at the endpoint. The IMC iNode client works with the IMC EAD
service module to ensure that the security policies defned in IMC EAD are
enforced and, when necessary, actions are taken to quarantine endpoints
and to support users in resolving security policy violations. In essence,
IMC UAM and EAD service modules, along with endpoint control through
the IMC iNode client, consolidate NAC functions for you in one integrated
platform.
z HP IMC user monitoringIMC also gives your network administrators vis-
ibility into user behavior with the IMC User Behavior Analyzer (UBA) mod-
ule. With the UBA module, your administrators can audit user behavior for
website access, including information on specifc URLs. Administrators
can also audit user activity by email sender or receiver addresses, data-
base access and operations, fle transfers, and FTP access. When used
in conjunction with the IMC UAM service module, IMC UBA also provides
user-behavior auditing by user name and IP address. IMC UBA visibility is
the result of analyzing data from many sources, including NAT (network
address translation) records, NetStream, NetFlow, and sFlow records,
and DIG probe logs.
HP IMC UBA gives your administrators control of fltering, data aggregation,
and application identifcation and defnitions. As with other IMC features, with
UBA your administrators can manage auditing tasks, including saving task
confgurations for future use. UBA provides summarized audit reporting that
can query, sort, and group audit results by many felds, as well as saving audit
results to a fle for downloading.
HP IMC QoS Manager
The HP IMC QoS Manager (QoSM) component enhances visibility and control
over QoS confgurations on network devices. It provides real-time network
detection of QoS confgurations, so you can unify management of QoS poli-
cies. With QoSM, your administrators can organize trafc into diferent classes
based on the confgured matching criteriasuch as IP protocol type, among
othersto provide diferentiated services. The software gives you insight
into committed access rate (CAR), generic trafc shaping (GTS), priority mark-
ing, queue scheduling, and congestion avoidance so that IT staf can more
efectively control and allocate network resources.
39 BYOD and Beyond
With a rich set of QoS device and confguration management functions, IMC
assists your administrators to focus on QoS service planning and the most
economical and efective use of network resources, ignoring diferences in the
QoS confgurations of multiple devices. HP IMC QoSM provides real-time net-
work detection of QoS confgurations because it identifes QoS network-wide
confgurations, enabling unifed management of QoS policies.
Key takeaways
You can implement an evolutionary plan to unify your wired and wireless access
connections with HP Networking products at your own pace without replacing your
entire legacy network. With HP switches, you can scale your network when you need
to expand capabilities for connectivity, performance, security, and energy efciency.
With HP IMC, you can consolidate network control with its single-pane-of-glass
management software.
9 The HP Unifed Wired and Wireless Access solution comprises three key com-
ponents: HP IMC, HP Wired Switches, and HP WLAN APs and controllers.
9 The HP Wired Switches portfolio is a complete line of products providing
superior reliability, scalability, and performance, as well as comprehensive
features that help reduce complexity and maximize IT ROI.
9 The HP Networking portfolio ofers intelligent wireless solutions that provide
planning guidance, access, management, and security.
9 The HP IMC is a comprehensive platform that enables the efcient implemen-
tation of network management. Its modular design makes it possible to inte-
grate traditionally separate management tools.
In Chapter 4: HP unifed access meets the challenge, we look at how these HP
products meet your requirements for a complete unifed access solution.
References
1 More Than 50 Billion Connected Devices, Ericcson. February 2011. www.ericsson.
com/res/docs/whitepapers/wp-50-billions.pdf
Chapter 4
HP unified access meets the
challenge
In this chapter
9 Which key HP products are available to control user access and to manage
your identity-based policies for BYOD and UC&C initiatives?
9 How do HP unifed access and HP AllianceOne partnerships provide the net-
work speed for rich-media communications and simplify network design?
9 How do you use HP unifed access to integrate third-party applications, such
as Microsoft Lync, to provide survivable services (for example, external phone
calls) while sustaining internal peer-to-peer communications when the data
center cannot be reached?
Your business is deploying new technologies and applications to gain a
competitive advantage. With your companys expanding mobility require-
ments, now is the time to plan how to unify your wired and wireless access
for your new BYOD and UC&C initiatives. But you might be apprehensive about
adding complexity to your IT infrastructure, so you might try to acquire appli-
cations from your existing networking vendor. However, these are rarely best-
in-class. With HP Networking products and services, you can plan a migration
path to suit your business needs, your budget, and your own timeline.
The open, standards-based HP FlexNetwork architecture strategy incorpo-
rates applications from a variety of vendors, so you can choose the appli-
cations that best meet your needs, whether that means integrating WLAN
controllers in access switches or leveraging dedicated mobility controllers.
With a high-performance HP WLAN solution that integrates products from
42 Chapter 4: HP unified access meets the challenge
an extensive switching, routing, and security portfolio, you can meet your
companys demand for an evolving mix of wired and wireless network ser-
vices while lowering capital and operational expenses. And, through the HP
AllianceOne partner program, the applications you choose go through a rigor-
ous certifcation process to ensure that all components are efective. We take
a look at how the HP Unifed Wired and Wireless Access solution can help you
accomplish this.
Key unified access features: BYOD
An HP BYOD solution based on HP IMC delivers complete visibility from the
data center to the network edge. IMC goes beyond BYOD requirements by
delivering converged management across various networksphysical and
virtual, wired and wirelessand applies the appropriate security policies to
your users and their devices (personal or company owned).
Traditionally separate management tools, network services, policy manage-
ment, and user and trafc monitoring are integrated in the HP IMC modular
design so that you can manage and secure your wired and wireless infrastruc-
ture easily from one central location. Because of the HP IMC modular design,
deploying your BYOD solution is less complicated and easier to use. The mod-
ular design gives you the fexibility to add functionality as needed without the
need to deploy separate management tools.
For granular network and application access, HP IMC manages user access and
identity-based policies so that your IT managers can resolve complex security
challenges associated with BYOD policies. Your IT administrators can establish
and enforce granular and consistent network access policies for wired, wire-
less, and VPN users to protect your IT assets, mitigate risks, optimize network
availability, and monitor regulatory compliance. HP IMC provides a compre-
hensive BYOD solution that supports wired and wireless device onboarding,
provisioning, and monitoring.
43 BYOD and Beyond

Figure 4-1 HP BYOD solution
Key unified access features: UC&C
To efectively communicate and collaborate on projects with employees,
vendors, and partners, sophisticated tools are essential for your businesses
to stay ahead of the competition. However, the bandwidth needed for tools
employing voice, video, and desktop-sharing can place a heavy burden on
already overtaxed legacy networks. Using HP FlexNetwork architecture and
UC&C methods and devices, users can easily implement and use third-party,
best-in-class UC&C tools.
The low-latency and QoS requirements of UC&C solutions are well served
with the comprehensive HP Networking portfolio. To achieve the necessary
call and video quality for UC&C initiatives, Microsoft and HP have partnered to
produce a complete UC&C solution. In addition, the partnership has developed
HP 4110 and 4120 Lync-certifed IP phones and the HP Survivable Branch
Communications zl Module, which ensures continuous service for your Lync
VoIP calls by routing trafc to the PSTN (public switch telephone network) if
your WAN is down.
The HP-Microsoft alliance delivers UC&C benefits
During the 25 years of the successful HP-Microsoft partnership, our engineers
have worked together to deliver integrated products that solve real business
challenges. For example, throughout the HP and Microsoft alliance, HP remains
the number one infrastructure provider, and Microsoft is the number one oper-
ating systemapplications provider. Together, HP and Microsoft are satisfying
the UC&C requirements of millions of customers worldwide.
When you leverage the power of HP and Microsoft by deploying or adding Lync
voice and HP infrastructure to your UC&C environment, you can:
z Reduce infrastructure cost and complexityHP Converged
Infrastructure is an open, standards-based architecture that can be
integrated with your legacy infrastructure to intelligently and dynam-
ically evolve to an advanced fexible architecture for overall improve-
ment of services, ease of use, and scalability.
z Leverage existing Microsoft application and infrastructure invest-
mentsSeamlessly integrate Lync voice with Microsoft Ofce,
SharePoint Server, and Exchange Server. Create a consistent user
experience companywide while reducing communications costs.
z Increase efciency and worker productivitySupport a mobile or
distributed workforce without adding IT resources. Launch telecom-
muting, work-from-home, and green initiatives to support virtual
teams across geographies or regions.
z Enhance communicationsThe tested and validated Lync solution
from HP and Microsoft increases communication reliability so that
your teams can better serve customers, retain a competitive edge,
and diferentiate your business from the competition.
These solutions, developed by the HP-Microsoft partnership, are aligned with
the HP Unifed Wired and Wireless Access solution to give you full scalability,
manageability, and supportability, plus access to your entire network.

45 BYOD and Beyond
Figure 4-2 HP UC&C solution
Key unified access features: rich media
Video is compelling because of the richness of the information it can deliver.
Video conferencing is used to improve collaboration of distributed teams, pro-
vide training, and help executive management teams align the organization
with corporate priorities. Legacy networks, however, were designed to handle
data communications. The convergence of data, voice, video, and collabora-
tion tools is pushing the legacy networks to a breaking point. Voice and video
place huge demands on the network and are one of the primary drivers of
change at the network edge. Support for PoE and PoE Plus, QoS, NAC /802.1X,
resiliency, and survivability are required.
When you add video capabilities, the demand has an immediate impact on the
network. Careful consideration must be given to designing optimal networks
with capabilities to support rich-media communications. Because the HP
Unifed Wired and Wireless Access solution is based on open standards, your
IT team has the freedom to choose the proven solution for your business. The
HP Unifed Wired and Wireless Access solution can help your IT department
securely deploy and centrally orchestrate a video-optimized solution starting
from the access layer.
Benefits of HP Unified Wired and Wireless Access solution for rich
media
z Low latency networkThe HP solution simplifes the network.
Organizations can move to an optimized network, reducing latency
and improving users video experiences. This approach delivers supe-
rior end-to-end 802.1p/qbased QoS and a network bandwidth opti-
mized for video with delivery at near-gigabit WLAN speeds.
z Improved WAN connectivityHP ofers enhanced WAN from our HP
AllianceOne partner Riverbed to accelerate access to rich-media con-
tent through our modular wired-switch solutions. With this solution,
you can implement prepositioning and video-on-demand caching
(HTTP or HTTPS), split-stream technology, and multicast and unicast
support. Improved WAN connectivity means regulated video streams,
both in applications and social-based media.
z Video application deliveryWith FlexNetwork architecture, you can
use video on demand and other video servicesall integrated in one
module. With the virtualization technology built in the module, HP
solutions can simplify deployment and reduce the number of devices.
Also, HP was the frst networking vendor to bring EEE-compliant
switches to the market. These switches consume less power than the
industry average, contributing to lower TCO. Our switches support
PoE/PoE+ features to power up remote video-surveillance cameras.
z InteroperabilityHP and our AllianceOne partners ofer a variety of
solutions to enhance and support your video applications. We have
video gateways for visual collaboration (H.324, SIP), and our switches
support Link Layer Discovery Protocol-Media Endpoint Discovery and
autodiscovery features.
47 BYOD and Beyond
Figure 4-3 Solution architecture for rich-media communications and
collaboration
Key takeaways
The HP Networking portfolio ofers several products that can deliver the business
requirements for implementing BYOD and UC&C initiatives. Through partnership
with major vendors, such as Microsoft, HP delivers products that improve productiv-
ity across your enterprise.
9 The key HP products for controlling user access and managing your identity-
based policies for BYOD and UC&C initiatives are in the wired, wireless, and
network management portfolios, which provide choice and fexibility.
9 With Unifed Wired and Wireless Access solution, your IT staf can provide
employees customized workplace applications and tools, which can help
them collaborate and communicate with video communications cost-efec-
tively. Third-party applications, such as Microsoft Lync, are integrated in the
HP portfolio to provide survivable services (for example, external phone calls)
while sustaining internal peer-to-peer communications when the data center
cannot be reached.
In Chapter 5: Expert resources and next steps, we explore the HP experts
and services that are available to help you instigate an HP Unifed Wired and
Wireless Access solution. We also take a look at the HP ExpertOne career
certifcation program for IT professionals.
Chapter 5
Expert resources and next
steps
In this chapter
9 Which HP services are available to help you plan and implement an HP Unifed
Wired and Wireless Access solution?
9 Which HP program can help you train your employees as HP-certifed experts?
Now that you understand the key components of HP Networking and how
they can be confgured to implement a unifed access solution for your cam-
pus, there are some frst steps you can take toward evolving your network
and implementing your own BYOD and UC&C initiatives. Consult with the net-
working experts at HP. For long-range planning, you can also train your own
experts through the HP ExpertOne certifcation program.
HP expertise
HP ofers consulting, outsourcing, and support services to help your enter-
prise plan, deploy, and operate your network infrastructure for better
results. HP can identify opportunities for automation and can integrate vari-
ous aspects of the HP Networking portfolio in your business processes for
increased business efciency with new business models to help you redefne
your marketplace.
50 Chapter 5: Expert resources and next steps
The HP life-cycle approach to your unifed-access solution begins with expert
consultations and their assessments to help you develop your strategy. This
approach includes architecture planning and design through solution imple-
mentation and global support, and then outsourcing, if desired. Regardless of
the products you choose, HP services and solutions deliver business value at
every phase. The HP approach is also collaborative and modular, so you can
implement the HP Networking components that address your most pressing
needs frst and then add future capabilities according to a fexible timeline.
HP ExpertOne career certifcations for IT professionals
Join the HP ExpertOne community of 500,000 IT professionals and gain
access to other HP experts that are working around the globe. HP ofers edu-
cation services that are focused on the management of change to foster per-
vasive user adoption and learning solutions. The HP ExpertOne certifcation
program ofers excellent training and the appropriate certifcations across a
wide range of solutionsfrom all-in-one PCs to cloud computing. Choose the
HP learning options that work for you and your employees, including HP Press
publications and instructor-led or web-based training.
HP Networking certifcation topics include:
z Cloud
z Converged Infrastructure
z Wireless networks
z Network security
z Virtualization
z TippingPoint Security
51 BYOD & Beyond
Refer to Table 5-1 for more information on ExpertOne certifcations and HP
Networking services and training.
Table 5-1 HP ExpertOne certifcation programs and HP Networking services
Service or program Web address
HP ExpertOne www.hp.com/certifcation
HP ExpertOne networking career
certifcation
www.hp.com/networking/expertone
HP Networking services www.hp.com/networking/services
HP Networking training www.hp.com/networking/training
HP Press publications www.hppress.com
52 Chapter 5: Expert resources and next steps
More resources
Go to the HP Networking website (www.hp.com/networking) to fnd a wealth
of information about HP Networking solutions and products. Resources
include white papers, videos, blogs, press releases, brochures, case studies,
fact sheets, and solution briefs. For more information on specifc technologies
related to BYOD and on wired and wireless access solutions, see Table 5-2.
Table 5-2 More HP Networking resources
HP webpage Web address
Mobility www.hp.com/networking/mobility
Bring Your Own Device (BYOD), a
Holistic Approach
www.hp.com/networking/byod
HP Unifed Wired and Wireless
Access
www.hp.com/networking/unifed-access
Rich-media communications www.hp.com/networking/richmedia
Unifed communications www.hp.com/networking/uc
HP Virtual Application Networks www.hp.com/networking/van
Data Center Interconnect (DCI) www.hp.com/networking/dci
Dynamic Virtual Private Network
(DVPN)
www.hp.com/networking/dvpn
OpenFlow: Enabling technology
for software-defned networking
www.hp.com/networking/openfow
Acknowledgments
At HP Press, our goal is to create in-depth technical books of the best quality
and value. Each book is crafted with care and precision, undergoing rigorous
development that involves the expertise of members from the professional
technical community. We would like to acknowledge the team of experts who
helped bring this book to market.
Author: John Faulkner
HP Press Program Manager: Michael Bishop
HP Contributors:
Rebecca Humphress
Martine Velkeniers
Kevin Secino
Gladys Alegre-Kimura
Steve Brar
Kowshik Bhat
Publisher: HP Press
We want to hear from you. Send email to feedback@hppressbooks.com
HP HEADQUARTERS
Hewlett-Packard Company
3000 Hanover Street
Palo Alto, CA
94304-1185
USA
Phone: (+1) 650-857-1501
Fax: (+1) 650-857-5518

Byod 021413 Bookmarked Final

Transféré par

Informations du document

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

Byod 021413 Bookmarked Final

Transféré par

Droits d'auteur :

Formats disponibles

BYOD and Beyond

Vous aimerez peut-être aussi