Users Guide

Dell Networking W-Series ArubaOS 6.4.x| User Guide BranchController Config for Controllers | 282

Chapter 11

BranchController Config for Controllers

Many distributed enterprises with branch and remote offices and locations use cost-effective hybrid WAN

connectivity solutions that include low-cost DSL, 4G and LTE technologies, rather than relying solely on

traditional E1/T1 or T3/E3 dedicated circuits. W-7000 Series Controllers are optimized for these types of

locations, which are more likely to use cloud security architectures instead of dedicated security appliances, and

where clients are likely to access applications in the cloud, rather than on local application servers.

Throughout this document the term branch controller will refer to a W-7000 Series controller that has been

configured via a branch config group created using the ArubaOS Smart Config WebUI.

ArubaOS supports these distributed enterprises through the following features designed specifically for branch

and remote offices:

l Authentication survivability allows W-7000 Series controllers to store user access credentials and key reply

attributes whenever clients are authenticated with external RADIUS servers or LDAP authentication servers,

providing authentication and authorization survivability when remote authentication servers are not

accessible.

l Integration with existing Palo Alto Networks Firewalls, like WildFire™ anti-virus and anti-malware detection

services. In deployments with multiple Palo Alto Networks (PAN) firewalls, W-7000 Series controllers can

select the best PAN firewall based on priority and availability.

l Policy-based routing on each uplink interface, which allows you specify the next hop to which packets are

routed. ArubaOS supports multiple next-hop lists, to ensure connectivity in the event that a device on the

list becomes unreachable.

l Uplink and VPNredundancy, and per-interface bandwidth contracts to limit traffic for individual

applications (or categories of applications) either sent from or received by a selected interface.

l Packet compression between Dell devices (such as devices at the branch and main office), to maximize the

amount of data that can be carried by the network.

l A WAN health-check feature that uses ping-probes to measure WAN availability and latency on each uplink.

The following diagram depicts managed node where a branch controller in the branch office learns the address,

routing information, and other provisioning information from the master controller.