Aerohive is pleased and proud to pave the way to Simpli-Fi as we enable our customers to take control over the mobile first workforce with our new Mobility Suite of applications and functionality that provides the control and management necessary for the entire spectrum of clients and devices.
The Aerohive Mobility Suite featuring Client Management and ID Manager applications and integrated APIs with MDM ![]()
vendors leverages Aerohive’s industry-first Cooperative Control HiveOS platforms. Using the network level controls in HiveOS allows an administrator to define extremely granular policies that assign things like VLANs, firewall policies, QoS, and application permissions based on the available context such as identity, device type, location, and time - all without installing anything on the connecting device!
vendors leverages Aerohive’s industry-first Cooperative Control HiveOS platforms. Using the network level controls in HiveOS allows an administrator to define extremely granular policies that assign things like VLANs, firewall policies, QoS, and application permissions based on the available context such as identity, device type, location, and time - all without installing anything on the connecting device!
This makes the network-level controls in HiveOS perfect for devices brought in by guests - or even employee personal devices - where segregating them and limiting damaging apps is important, but when IT doesn’t want control over the device itself.
However - now you need a way to get those devices onto the secure network. This is where ID Manager comes in. This enterprise guest management application allows administrators to set up self-registration kiosks or captive web portals where users can input their information and receive a secure credential delivered by SMS, Email, or even Twitter DM. Administrators can easily see how many guest devices are on the network, assign different network-level policies based on user type, and de-auth any devices that are not complying with terms of use policies.
The next couple of devices in the spectrum require some additional device-level controls in addition to the network-level control. These are devices, either BYOD or corporate-issued, where IT is struggling with simply getting the devices configured to connect to the secure SSID.
As more school districts move towards 1:1 initiatives and the requirement for online standardized testing hits the 2014-2015 school year, we have some customers that aren’t struggling with just a couple hundred devices they need to connect to the wireless network, but rather tens of thousands of devices. This is a daunting hurdle for any already overburdened IT team, and the Aerohive Client Management application is designed to solve exactly this problem.
With a combination of single-SSID onboarding, a customizable self-service portal, and an integrated certificate authority, IT can use Client Management to efficiently onboard client devices to the network using a unique device certificate or even Aerohive’s patent-pending Private Pre-Shared Key functionality.
This auto-provisioning capability adds the additional layer of context to allow administrators to now specify network-level controls based on whether that device is corporate-issued or BYOD in addition to the rest of the available context - AND, because the enrollment profile is now installed on the devices, Client Management can also provide the administrator with some lightweight MDM functionality to implement device-level configuration and restrictions, such as requiring a passcode, configuring corporate email accounts, or even disabling cloud file sharing.
Now this is where it gets really cool.
Because of the tight coupling of Aerohive HiveOS functionality and the Client Management application, administrators can actually tie the device profile in Client Management to the user profile settings in HiveOS -allowing for extremely cool use cases like changing device restrictions based on location in the network.
For example, maybe when a user visits a branch location, even though the SSID, credentials, and device are exactly the same that they connected at the corporate office, at the branch location the camera and cloud file sharing are automatically disabled to protect the new products being developed there. Just imagine the possibilities!!
There are certainly use cases as I mentioned above where complete control over the entire user experience, including every application and all content on the device, is required. This is where our partnerships with AirWatch and JAMF Software come in. By using the functionality in HiveOS to redirect devices that are not yet enrolled or have removed the MDM profile, administrators can rely on Aerohive to simplify installing and provisioning partner MDM profiles in addition to the network-level controls in HiveOS.
Also new in this latest release is the ability to do compliance checking with AIrWatch - so now, not only will Aerohive check to make sure the AirWatch profile is installed, but it is also possible to confirm that every device meets a set of compliance requirements defined by the administrator. For example, changing the passcode every 30 days or not installing apps on a blacklist. If the device is not compliant, it can be immediately quarantined and HiveManager can send trigger an email to the client telling them to remediate the problem before regaining access to the network. Again you can see the benefit of a tight coupling of network and device controls!
All in all, the Aerohive Mobility Suite along with our cooperative control infrastructure provide the necessary functionality to Simpli-Fi device management, onboarding, application controls, and network security policies in a single solution, allowing an administrator to truly extend visibility and control to the very edge of the network.