The Sunnyvale, California-based vendor held back from launching an AP during the recent flurry of activity that coincided with the Interop show. Companies like Trapeze, Meru and Colubris all launched 11n APs, albeit in pre-standard form, of course, and a new kid on the block, Aerohive, emerged from stealth mode with a controller-less architecture that it touted as being more 11n-friendly than everything else out there.

Ratification pushed back

Mike Tennefoss, head of strategic marketing for Aruba, pooh-poohed these moves, however, arguing that with final ratification of the standard by the IEEE having recently been pushed back till mid-to-late 2008, it’s irresponsible to push something today. He argued that the devices unveiled in recent months were all designed to make a splash for press purposes, but may actually be counterproductive for the vendors who have launched them.

These smaller guys are attention-seeking, he began, but they may also be making themselves hostages to fortune, in that there is the potential for confusion in their own sales teams between pushing 11n or the b/g APs. He inferred that the two major players who have not so far pronounced on 11n, i.e. Cisco and Aruba, are adopting a more responsible attitude.

Furthermore, he added, while 11n holds the promise of a lower density of APs in a given network being able to cover the same area and number of users, customers deploying these new APs into existing b/g environments won’t be benefiting from this saving, since they’ll have to continue with their existing b/g density. Only once the standard is firmed up enough, his argument went, will it make sense to launch an AP that will enable a complete network refresh of a customer’s infrastructure, when they will be able to take advantage of the lower AP density.

Another issue he raised was that of the different power requirements of the higher-performance next-gen WLAN technology. 11n needs a new PoE injector so as to provide PoE Plus [802.3af], because it has greater power requirements, he began. This also means GbE cabling, because Cat5 100BaseT doesn’t support it. It must be at least 1000BaseT. Aruba already offers GbE ports on its high-end controller, the 6000.

While it’s still too early for an 11n launch from Aruba, Tennefoss said we don’t need to wait for 100% ratification. Instead, he went on, we hope it’ll be near enough ratified around November.

Aruba vs. Meru and Aerohive

Referring specifically to Meru, whose 11n offering entailed a change to its architecture, with the introduction of a third-tier of sub-controllers between the central box and the APs, Tennefoss said this was making a virtue of necessity. 11n is a challenge for Meru because their controller can’t handle it, since it’s an off-the-shelf PC in a rack-mount box, which means lack of throughput and processor power,

By contrast, he went on, we do purpose-built boards and processors, which means that the latency in our controllers is virtually nil. He added that, for large campus deployments, Aruba can also deploy slave controllers for local handling of traffic while a central switch is doing all the management. Meru also doesn’t do central encryption or network management, he went on.

As for Aerohive, he argued that its technology is a solution in search of a problem, referring to it as a very expensive system architecture squeezed by Ruckus and Netgear from below and us from above.

As for its more serious competitor, i.e. Cisco, Tennefoss argued that Aruba has distinct advantages in terms of security. They take a port-centric view, whereby the user comes through a particular port to access the network, rather like a VPN, whereas we assign credentials to the user and follow them, he went on. Cisco’s view limits flexibility, and all the features require another box per feature. Even our fixed-mobile convergence offering doesn’t require large infrastructure investments, unlike theirs.

Thin, ma non troppo

Tennefoss revealed that the 11n AP now being developed by Aruba includes hardware acceleration, with a stateful firewall and mobile routing for split tunnelling in the device. In other words, while Aruba made its name in WLAN switching, i.e. the generation of infrastructure that relied on an centrally switched overlay network and thin APs, apps such as firewalling and routing are actually running in the AP.

Indeed, Tennefoss went on, while Aruba shuns the idea of encryption and decryption in the AP, we can perform these functions in our mesh nodes to enable P2P networking with them, though we don’t like the idea of security keys sitting on a node out in the car park.

Our View

Tennefoss’ comments about those of Aruba’s competitors who launched 11n APs in May respond to their claims that his company isn’t offering 11n yet because its centralized architecture, and in particular its execution of encryption and decryption in the controller, impede it.

There has certainly been a lot of what Marxists used to call revisionism underway in the switched WLAN camp of late, with first Trapeze, then Meru moving intelligence back out towards the edge of their networks, whether onto the APs themselves or to a local sub-controller halfway between the central switch and the thin AP. Colubris, meanwhile, has been talking up this tri-plane arrangement for well over a year.

The drivers for those architectural changes have been VoWiFi, which is more latency-intolerant that the average data app, and no 11n, with its promise of greater bandwidth, concomitant with higher performance demands on the network infrastructure.

Aruba insists that its architecture requires no fundamental changes for the coming storm, however, and the proof of the pudding will have to be in the eating. Let’s also see how Cisco, which is market leader in terms of APs deployed in the field, will address the perceived challenges of voice on WLAN and the new high-performance 11n technology.