[MUSIC] Hey, welcome back. My name is Tyler McMinn with Aruba. This is our Cloud Essentials Part 2 of our video series and we're going to be jumping into Cloud Device on boarding. So no more or not as much pie in the sky high level view. Let's actually look at what it would take to get a device onto Aruba Central so that we can actually take advantage of those cloud features. So we're going to start with the difference between a standalone versus a managed service provider or this would be a company that manages a bunch of smaller businesses and handles their connectivity for them, at a certain location or across the world if you really wanted to. Look at the on boarding process issuing keys and subscriptions for a centralized campus through an MSP and handling that customers view of their own network through this managed service provider. So the managed service provider would be the one that handles the on boarding, the keys, subscriptions, device assignment and actually assessing advent roles that individual users or technicians. What we would call installers. So adding devices into Aruba Central, Aruba Central is Aruba's cloud based orchestration security tool. It's the interface that you would log into from any device to be able to manage your network. It gives us the capabilities of doing zero touch which is considered the best way as it's a very simplified way of installing devices will take a look at that next. We could use cloud activation keys to get a switch or an access point or gateway onto Aruba Central and then you can always manually add devices by MAC address or serial number. You can download the Aruba app to your Apple or android smart device. This app from Aruba allows you to take a picture of the devices serial number and Mac address and then the central will automatically update, activate with the serial number of MAC address it really couldn't be easier. If you have access to an activate account then you can just add inactivate rules to say for example if it's this model of device so you purchase thousands of access points and you want to have all your 505s show up under a particular activation then you can do that there. So Zero Touch Installation, not much to really stay here. So you have a purchase order of 100 devices for a sample company like Customer MyCorp Incorporated in this case it sends Aruba purchase order and then Aruba delivers the 100 devices, say instant access points. As well as Aruba central keys that were purchased. The keys are essentially the license that allows those instant access points to dial into Aruba central and then be managed to get all the benefits of that cloud intelligence. We'll take a look at keys a little more detail here. So next Aruba updates activate with the purchase order information including the customer's name, the key identifier or key number and the 100 IAPS that they purchase. Activate is used to dynamically provision remote APs which require a controller or instant APs that do not require controller. They control themselves or basically are managed through central. If they do require controller than like wraps remote APs it will point them to their controller or their airwave or in this case central. When John customer a MyCorp employee registers and signs up for Aruba Central using his email and we'll look at that process here in a second, John at the Aruba Central subscription key that Aruba sent with their purchase information. And central account communicates with activate and gives the customer's name, ties it to the key showing that John of MyCorp actually purchased access to Aruba Central. Then, activate an Aruba central account about all the 100 access points that belong to the account and IAPs will now start showing up in Mycorp's central inventory under my devices. So the universal access point is basic operating system that all of our access points ship with starting with the 300 series, we're now to the 500 series. It follows a discovery process to become a controller based or an instant AP and you can go through this in detail, we do this in our official three day five day technical courses where we dive into this. But once the universal access point basically the any AP, it boots up and it hasn't yet joined the cluster of other instant APs or joined a controller or joined activate. If the UAP is just left to its own devices powered on and connected, it will contact the activate cloud service and then activate will at this point recognize the UAPs MAC address and it will redirect the user the Universal AP to the customers central account. So it automates this process starting with these different steps where the device boots up, first it looks for controller and if none is found, then it will listen for an instant access point where it may have other APs at a school or something. Where you're not joining activate cloud, you're not joining central, you're not joining a control you just have 100 or so access points at a site and you just go in cheap, right? So nothing in the cloud based or whatever these APs will cluster among themselves. It's a neat little feature of our we call them instant access points. You don't buy them separate all of our APs from Aruba can go through this process. So it doesn't matter what the model number is, the version or anything, they'll all basically cluster together as instant APs unless you have a controller available for them. If the UAP does not discover another instant AP or virtual controller, we call it, the AP will try to connect to air wave which is an old school management server that's on premise versus central, which is kind of a cloud version of that. If an airwave servers not found then it will connect to activate. So the final step here is that it will essentially go off and look for an activate service in cloud from Aruba. And all activate really is is a way of organizing the products that you buy from Aruba to kind of bootstrap them so they can then go to their point of management, airwave controller that's on premise or to join up to central. In this case we're not really going to worry about instant APs we're not going to worry about or I should say instant APs that are not talking to central, we're not going to worry about airwave, we're not going to worry about controllers, we have courses that dive into that over several days. But if the ultimate goal is just to join central, then that's going to be this final step here, connect to central and upgrade whatever configuration you've set up in central for that particular site or that particular group of devices. Once that's done then the device is basically set up. So after the SSIDs broadcasted there's no keyboard input or an active web UI session for 15 minutes, UAP reboots, starts the discovery process again. In other words, if nothing is set up, you didn't set up activate, you didn't set a pair of way, you don't have any other instant APs, you don't have a controller, then the AP just start this process again. And so that can be something to look into if your excess points are just sitting there cycling every 15 minutes or so, it may be that they're not able to reach the web, there might be something blocking their internet access on their wired ports, something along those lines. So here's this universal access point image on this AP which is the default it boots up and assuming there's nothing on site it will dial home to activate. Once UAP communicates with activate, activate can then tell it hey, you're going to instant AP, this is the virtual or a cluster of instant APs, it can tell that cluster to go ahead and get its configuration from Central. That central configure is going to be pushed down and you're good to go. At that point you're up and running. So it's fairly automated, you don't really need to do much other than powered on and plug it in on the wired port port ethernet zero, if you have five ports, it's the very first one. And as long as it's got power and the address to get online then it should be able to dial out to the cloud. Next, you want to make sure that you have some sort of license here. So in the case of instant APs, one of the instant APs will elect itself as the controller of the other instant APs, we call this a VC or Virtual Controller. It's not an actual switch based controller like he would have with a 7200 series of the old 7000 series, so you don't get some of the benefits of scale that you get with a 7200 piece of hardware. But you do check all the boxes for deep packet inspection, fire walling, guest access, employee access, secure access. Everything that you would need for the performance of these access points is basically there. It's just not as high performance. You're going to have thousands of APs that are all clustered together. You can get about 125 in a virtual cluster or cluster of instant APs. So this cluster, these APs where you just put a bunch APs and the same VLANs, same broadcast domain, they automatically elective VC and eventually they dial out to activate to get their configuration. Activate can then send down to the VC including a cloud activation key if one has already been staged. So to set this up and activate, you after buying the hardware would go to Aruba's website even before the devices have been plugged in or anything, and you could set up this activate account to put in this activation key for these forthcoming pieces of hardware. These forthcoming access points. Once that's done, this key will automatically get pushed down and if you open up your browser to the VC address or any of the addresses actually, it will take you to this browser based Virtual Controller Interface here where this 303H series access point has a Cloud Activation Key already popped in there. And you can see this under maintenance and the about section right there. All devices that communicate with activate again the cloud will get a Cloud Activation Key. So here's a switch that has communicated with Activate, Activate has distributed a Cloud Activation Key there and you can use the show provisioning command. There's also a browser based who we on our switches if you'd like to use that. But if you're using command line through console or through SSH you can do this with a show activate provision command. It will give you that Cloud Activation Key. Now the other option is instead of using activate to activate your devices, activate to activate you could just manually add your devices into Central. So by manually adding devices in the same Device Inventory gooey right here, go into your account homepage and device inventory, you can select add devices, there's add devices button down here. And here you can either add the instant APs, MAC addresses and serial numbers as you see fit. You can find this information the instant gooey page or on the devices label. So if you're looking for the serial number of an access point, just look on the back of it or on this documentation or there's a little asset tag that you can pull out on the front of your CX, which is for example, there's a number of ways to find it. So when you hit the little add it pops up and you can add in multiple devices. Once you're done, hit done and it adds them into the inventory on your account. Pretty easy. The smartphone methods, probably the coolest one because you can simply just download an app. So there are two different applications, you can download for central, the Aruba central app or the Aruba installer app. The central app is for those who are managing a central account and this will require you to log in with your central credentials. The installer app is are those who are just installing devices but you don't actually manage them, so this would be a good app to distribute to someone who's rolled a truck and went on premise or someone who is not as technical who's just there to install but doesn't actually configure the devices themselves. Like a 3rd party bar. So if you want to onboard devices from the smart phones central account, here's the app as it's shown and it's the same process as manually adding devices except here. You just take a picture which is which is really cool. So you just grab a picture of this has got the MAC address and the serial number already there, it appears on the lower screen, activate will verify this access point. And if the IAP, the Instant Access Point does not belong to any other central account, it's going to be added as a new device. Boom successfully on boarded.
