主要小组combines Aruba’s SD-WAN and SD-Branch to power operations across nearly 50 locations nationwide

USE CASE:Support growth, enhance productivity and reduce cost by adopting software-defined Wi-Fi networking, including SD-WAN and SD-Branch.

---

在近40个租赁办公室扩展了1300英里的租赁办公室，为员工提供精简的，安全的Wi-Fi，要求Prime Group采用新的网络策略。

“Our Prime Residential division operates an expanding list of mid-market and upscale multi-family properties,” explains Luke Pfaffinger, Vice President of Business Technology at the 500-employee LA-based company. “To meet our high customer service standards and achieve our growth goals, we needed a reliable, future-proof solution that would easily scale and adapt.”

Software-defined Journey Begins

At the outset, Prime Group sought to overcome limitations of using an MPLS-based WAN and aging Cisco networking equipment by moving to software-defined networking. In addition to modernizing branch office connectivity for Prime Residential, the company wanted to standardize on a single vendor that could streamline connectivity for its other division, Prime Finance.

Engaging with Aruba and its engineering team has proven key to developing a powerful, flexible and scalable software-defined networking platform with the right features for us.Luke Pfaffinger,Prime Group商业技术副总裁

Pfaffinger说：“ Prime Finance在纽约，芝加哥和旧金山以及洛杉矶设有办事处。”“为了使我们的员工能够在主要住宅和主要金融领域采用云传递应用程序，我们需要消除现有的枢纽和辐条MPLS系统固有的瓶颈。”

After evaluating several options, Prime Group selected a comprehensiveSD-WAN和SD-Branchsolution from Aruba, a Hewlett Packard Enterprise company, for a two-phase deployment. “We were excited about Aruba’s commitment to software-defined networking and the innovative management tools,” Pfaffinger says.

Aruba SD-Wan的20倍性能提升

Pfaffinger的团队集中第一阶段的journey on deploying SD-WAN across both divisions. This involved adoptingAruba access points (APs)， 和edge switchesas well ascloud-based Aruba Central network management和Aruba Foundation Care持续支持。

Benefits quickly realized
Once deployed, the Prime Group’s new SD-WAN quickly delivered exceptional value. “Performance improved twentyfold, reliability shot up and the cost savings were considerable,” says Pfaffinger.

除其他事项外，该实现使将多个后台解决方案迁移到云。Pfaffinger说：“为了商业生产力，我们过渡到Microsoft Office 365，包括云托管的Microsoft电话系统，用于语音电话和Skype for Business。”

“Although we were concerned about audio quality over public Internet connections, we discovered it was considerably better than our private MPLS set-up,” he adds.

Aruba SD-Branch Adds Productivity, Security and Cost Advantages

More recently, Pfaffinger’s team embarked on the SD-Branch phase, which leverages Aruba Central. This phase included upgrading to higher-performance indoor and outdoor Aruba APs and Aruba Branch Gateways as well as migrating to Aruba Access Switches for continuity.

“We wanted to improve business continuity, productivity, efficiency and security, while simultaneously streamlining the network for additional cost savings,” says Pfaffinger.

“We also required effective scalability to support our company’s plans for expanding our footprint and pursuing new markets without adding headcount to our lean IT team,” he adds.

Delivering Guest Capabilities and Speeding Deployments

Immediate SD-Branch benefits include the ability to roll out a guest network in common spaces like clubhouses, lounges and pool areas.

“By segregating guest access from corporate traffic, we’re supplying a competitive amenity for residents and guests while also securely mobilizing our staff to work anywhere they’re needed on a property, indoors or out,” Pfaffinger says.

Installer slashes site deployment time by half

另一个好处来自Aruba的零接触式配置以及Aruba Central和Aruba Installer应用程序中的管理技术。安装程序应用程序使IT员工能够创建具有相似属性的模板和组位置，例如大厅，后台/维护位置和居民公共区域，以简化和自动化配置。

这意味着远程站点的非技术人员可以快速，轻松地安装Aruba AP，开关和网关，并确保在整个分布式企业中始终应用配置。

“The Installer helped us cut branch deployments to less than four hours, even when some site-specific adjustments were needed,” says Pfaffinger. “Before, it required at least a day to provision a site.”

Managing and updating branches is also speedy. “Whenever we adjust a configuration setting, or apply an update, the Installer automatically flows the changes to the associated components, including our APs, gateways and switches,” Pfaffinger says.

Better Together: Aruba PEF Firewall + Microsoft Azure

For security, Prime Group relies on Aruba’s comprehensivePolicy Enforcement Firewall (PEF), a feature integrated into every branch gateway. With over 4 million installations worldwide, the stateful firewall works alone, or in concert with other network and security solutions, to control access and traffic based on policies and roles.

“We’re very excited about the innovative, yet intuitive, features of Aruba’s firewall,” Pfaffinger says. “It’s a critical foundation for our migration to cloud-based business applications.”

安全，基于角色的访问

通过开源方法，Pfaffinger将Aruba访问执法与其Azure Active Directory（AD）相结合，以增强其身份验证安全性。他说：“通过将SAML与Azure Active Directory一起使用，我们可以轻松地区分管理人员的访问与我们的技术支持人员。”“这种多因素身份验证和条件访问为我们提供了颗粒状的控制。例如，技术支持人员仅获得仅读取特权而不是通过其在广告中定义的角色获得读/写特权的管理员。”

“In addition to creating a more secure environment than was available with our legacy firewall, combining our Aruba’s PEF with Azure AD streamlines employee onboarding and departures,” Pfaffinger continues.

“When an employee joins our company, we grant access in Azure based on their role and the firewall dynamically enforces access privileges,” he adds. “When an employee leaves, we simply cancel the person’s Azure account and we’re done.”

Optimizing performance and protecting users

Beyond access control, the firewall also includes Layer 7 awareness of over 3,000 applications for policy-based content and bandwidth control. “We’re leveraging benefits of filtering and bandwidth control for both our corporate and guest networks,” says Pfaffinger.

“High-bandwidth users or IoT devices can be investigated and throttled to ensure they don’t impact others,” he continues. “On the guest network, we can limit bandwidth to protect corporate performance and ensure the safety of minors by disallowing inappropriate applications and content.”

Up to 40% Productivity Gains

SD分支部署的另一个变革性好处是，将仅阅读的网络可见性授予Prime Group的帮助办公桌人员进行精致的故障排除。以前，只有公司的孤独网络工程师才能执行此类任务，从而导致解决方案延迟。

“We estimate the help desk team can resolve issues up to 40 percent faster, significantly improving productivity for IT staff and business users alike,” says Pfaffinger.

“Also, with the help desk team monitoring the health of our environment, we’ve more IT staff contributing to network optimization,” he adds. “In addition to making the help desk position more satisfying, we’ve enhanced our management capabilities with the same headcount and freed our network engineer to concentrate on higher-value tasks.”

Next Steps: Continuity, IoT and Other Enhancements

According to Pfaffinger, next steps include continuity enhancements, IoT adoption and networking advances.

为了提高Prime Finance分支机构的弹性，其辅助Internet连接将不再以备用模式运行。他说：“在Aruba Central和SD-Branch网关中使用功能，我们正在设置热故障转移。”

物联网以增强居住经验

Like most enterprises, the Prime Group plans to take advantage of IoT opportunities, such as installing leasing kiosks at Prime Residence offices. “The kiosks would provide prospective residents with information and other services until a leasing staff member becomes available,” Pfaffinger says.

In the future, adopting smart walkway lighting, intelligent environmental controls in common areas for augmenting maintenance or physical security are all IoT possibilities.

Evaluating SD-WAN Orchestrator and SaaS Prioritizer

Moving forward, Prime Group plans to explore Central’s latest features, such as the SD-WAN Orchestrator, the Virtual Gateway for Azure and the SaaS Prioritizer. The Orchestrator boosts efficiency by automating various networking tasks, while the Prioritizer enables fine-tuning experiences by prioritizing traffic for cloud-based applications.

Pfaffinger说：“我们总是对任何使我们更加高效和环境降低复杂的事物感兴趣。”

Regardless of the new connectivity capabilities Prime Group ultimately rolls out, Pfaffinger advocates working with the experts to achieve the best results.

“Engaging with Aruba’s engineering team ensured we designed our solution to evolve along with the platform to meet ever-changing market needs,” he says. “It’s proven key to developing a powerful, flexible and scalable platform with the right features for us.”