Aerohive A3: Helping IT Radically Simplify Access Management
In the IT world, I’ve watched the two massive shifts in my career. When I first entered it, it was workstation mode. Employees came into the office, logged into desktop computers, and did their work. We eventually moved to the mobility era with smartphones and tablets. That era took us to where we are now. We are currently entering, what I’ll call, everything but the office kitchen sink requires network access.
The workstation era was, in retrospect, a lot easier for IT departments to handle. Machines stayed in the office. Updates could easily happen overnight. Apps were often extremely locked down. As we moved into the mobility era, the job became a little more difficult for IT departments. There were a lot more apps to contend with, Wi-Fi had to be modernized, and devices went everywhere the employee went. Employees were no longer satisfied with IT locking down devices. C-level employees wanted to be able to mix personal and work on one device. IT had to respond in ways to keep the users happy, but also remain secure and in compliance. With the IoT (internet of things) era, it’s turned into, in some ways, a real nightmare. Devices are not able to be managed, easily connected the network, or even monitored. IT departments are still being asked to put everything from paper towel sensors to commercial HVAC systems on the network.
Aerohive is now entering the market of solving problems (once again) for IT folks everywhere with a Secure Access Management solution called Aerohive A3. The purpose of Aerohive A3 is to bring onboarding, security, management and control to all devices (IoT devices, corporately owned, and BYOD). In ways that Aerohive does best, it includes easy to use workflows and a streamlined user interface.
Like I mentioned, IT departments are continually tasked with putting all types of devices on the network. Once these devices are authenticated, they continue to be security concerns due to unpatched software vulnerabilities and other associated malware. IT security departments need a way to deal with this.
Aerohive A3 is broken down into six categories: Authentication and Registration, Compliance and Remediation, Device Management, Billing Integration, Network Access Control, and Device Profiling.
The Authentication and Registration feature is all about getting devices onto the network. It works with SSO, Active Directory, Captive Web Portals, Social Login, Employee Sponsorship, PSK, Certificates, and Aerohive’s PPSK (coming in Q3).
Compliance and Remediation is all about device compliance. You can look at OS version, anti-virus version, and applications on each device. If the devices don’t meet your level of satisfaction, you can quickly quarantine them.
The Device Management feature is not a mobile device management system, but it will integrate with MDMs. It currently works with JAMF and MobileIron. MaaS360 and AirWatch are coming later this. It includes secure provision for macOS, iOS, Windows, and Android.
The Billing Integration section is for hotels and other hospitality providers that want to charge for Wi-Fi access. It works with multiple third-party payment gateways (Authorize.net, Stripe, PayPal, etc.) to facilitate transactions.
Network Access Control is working with the rest of your networking stack to provide reporting and auditing. Aerohive A3 works multiple firewall vendors (Cisco, Barracuda, Fortinet, Palo Alto, Sonicwall (coming in Q3), and Juniper (coming in Q3). A3 will integrate with your switching, IDS/IPS, and other core components. It’s not just for Aerohive wired and wireless networking gear. Aerohive A3 works with just about everything.
Last, but certainly not least, A3 can do device fingerprinting. It integrates into with the largest database in the world to help you understand what types of devices are on your network. Instead of a general “Android” entry, you’ll be able to see if it’s a mobile phone or a wireless IP camera. This database is continually updated, so you’ll always know what is on your network and can take action.
Like I said earlier, A3 is out today with an on-premises version. A cloud-based version (with local enforcement) is coming in Q4. Pricing is $9,999 for the base license, and it starts at $7,000 per year for the device subscription (>1,000 devices).
When it comes to networking products, you have to be first or be the best. Aerohive’s A3 seems on track to be considered the best in this market. It’s built from the ground up for 2018 and beyond IT problems. It’s not four products that are bridged together with a clunky interface. It’s one interface and one product. There aren’t features to license either. Once you’ve purchased your base license and device subscription, you get the entire feature lineup.
Aerohive A3 is doing for the secure access management market similar to what they did for wired and wireless networking. They are making it easier for the IT manager to do his/her job without unneeded complexity. Regardless of what vendor the rest of your networking portfolio is made of, A3 should be your first choice for access management. If you’ve been overwhelmed by similar systems in the past (by the complicated workflows, the interface or the price – or all of them), A3 will be a breath of fresh air. Regardless if its staff, guest, IoT, or BYOD, Aerohive A3 will give you the tools to be informed and take action.
On Aerohive’s website, they use this phrase about A3:
IT security departments need to be able address these challenges cost efficiently, with a complete toolset for access management and control.
Truer words about IT in 2018 have never been spoken.