I apologize in advance for the length of this post!


Quick! Make me a list of parts needed for an enterprise wireless rollout covering a couple of large buildings with a requirement for 2.4GHz and 5GHz radios. Pretend the site survey has already been done(You do still do these right? You better!) and the access point count is 400. What items do you have on the list?

1) Access points
2) Controllers
3) Management platform

There’s going to be some other things, but just assume you already have switches that are PoE capable. Now, make the same list with Aerohive.

1) Access points
2) Management platform

Notice anything missing? Of course. The controller! That’s Aerohive in about 30 seconds worth of reading. There’s more to it. A lot more, but the main thing about Aerohive that makes them different from most other wireless vendors is their controller-less stance. Why take that stance? Hardware is advanced enough today to allow full feature sets on access points and have them cooperate with other access points on the network.

Benefits of Controller-Less Wireless Network

Imagine for a second what the benefits are to a controller-less wireless network. I can think of 4 big ones.

1) Performance – What is the effect of having all of your control plane traffic and most of your data plane traffic tunnel back to a central wireless LAN controller? Latency. What if all of your data plane traffic was dumped right onto the switch straight from the access point? What if the access point was smart enough to take care of all the control plane functions like authentication, roaming, etc?

2) Cost – Controllers are expensive. You also have to buy more controllers as you increase the number of access points on the network. Add on additional controllers for redundancy and watch your costs go up even further.

3) Scalability – Consider along with cost, that you can only expand your wireless network so much until you are limited by the controller hardware itself. As you add more and more access points to local or even remote locations, you also have to be aware of how many access points your controllers can support. If you don’t have to worry about controllers, you can scale out as needed.

4) Survivability – If my controller dies, my access points are going to have problems. Hopefully, there is a redundant controller waiting to take over. If so, you better hope that redundant controller is sitting in the same data center or it sits in a data center nearby with a fat pipe between all the access points and it. Of course, in a controller-less environment, this isn’t even a concern. Some vendors can negate controller loss to a certain extent(Cisco and Aruba), but you still lose some functionality in that situation.

Wireless LAN Controller History and Application

Maybe you are wondering why wireless LAN controllers even exist. Well, there is a very good reason they were created.
At the time controllers were developed, it was problematic to manage a bunch of autonomous access points across a large enterprise. Controllers made it a lot easier to do that. Don’t take my word for it though. Listen to Bob O’Hara talk about it.

Controllers solved a problem with regards to management and access point hardware limitations, but in doing so, created another problem. Now, all of your access point traffic(control and data plane), or most of it, comes back to a central wireless LAN controller. This becomes an issue with 802.11n and the amount of bandwidth each AP can support on the wireless side. That traffic has to be sent back to a controller. It is important to note that many wireless vendors are starting to leave some of that data plane traffic out on the edge and let the access point switch it locally instead of hauling it back to the controller, but they are still leveraging controllers to do the heavy lifting. Aerohive cuts out the controller entirely. You can read about that in greater detail here.

My Experience With Aerohive

Last Thursday I was sitting in the Aerohive headquarters in San Jose listening to one of the most amped up technical presentations/demos that I have ever been a part of. We didn’t quite reach Steve Ballmer levels, but it was close! The room was small, but not too small. The Twitter feed was projected on one of the walls. The audience, of which I was a part of, was engaged. The presenters were even more engaged. It was a good time for everyone. Why do I bring this up? I want you to understand how excited Aerohive is about their product. I don’t even use their products and I was ready to start cold calling customers on their behalf right then and there!

Okay, so I should confess that I DO use their products at home. I have a pair of HiveAP 110’s that I received from Aerohive as product samples. I decided to replace my existing single AP at home with a pair from Aerohive. In reality, I was only supposed to get one, but Marcus Burton from CWNP was sitting next to me and he already has several at home and gave his to me. Thanks Marcus! I’m the only one in my neighborhood with my own “hive”. I haven’t done the official “war drive” through my subdivision with my Metageek and AirMagnet(Fluke) spectrum analyzer hardware to know for 100% certain that I am the only one with my own “hive”, but this is the Internet and I can say whatever I want with no repercussions. 🙂 You can rest easy knowing that if you ever swing by my house, I can give you guest access via a captive portal, or just give you your own private pre-shared key without having to give out my pre-shared key that I use to secure my own devices. Cue the Shaft theme music.

Potential Issues With AeroHive

1) I won’t consider Aerohive until they have some market share. – I don’t know what that market share level is supposed to be, or for that matter, how to even measure market share. Wireless is growing leaps and bounds. Companies that weren’t customers a year ago may have a full wireless deployment today with hundreds of access points. It seems to me that market share is a bit harder to nail down in the wireless space. Where I will give this line of thought some credence is in regards to funding. If you are not well funded or don’t understand how to run a business properly, you run the risk of going out of business even if you are selling plenty of hardware. It takes more than a good idea to build a successful company!

2) Aerohive is using unproven technology. – This is essentially the “I wish I had implemented this first” argument. If you are selling controllers and relatively dumb access points, you don’t want to embrace the controller free ideology until you can bring your own similar solution to the market. Or, perhaps you are going to keep selling controllers as long as people will buy them. At what point does it become “proven” technology? I’m thinking it has a lot to do with market share when people make this argument. For the record, every large vendor out there has a ton of smart people working for them. The problem is weaving through the processes these companies have in place in order to bring new solutions to market. They don’t have the flexibility of the smaller companies, but can occasionally one-up them due to good acquisitions (ie Cisco’s purchase of Cognio birthed Clean Air).

3) Aerohive can’t scale. – You can make this argument against the controller as well. 802.11n is going to jack up required throughput levels on these controllers to amounts that have never been seen. It would make sense to be able to dump off the traffic from the access point right into the edge as opposed to bringing it back to the controller. Where this argument holds some truth is when you consider the large number of secure tunnels each Aerohive access point might have to make in order to communicate with other access points. I’m not sure what the maximum number of tunnels the Aerohive access points can support is. I do know that there are deployments out there in excess of 3000 access points. I work in a fairly large building with wireless access points that are placed for voice and location services. It’s a fairly dense layout and I don’t even come close to 3000 access points. How many environments are going to require numbers like that? Merchant silicon has come a long way in the last 10 years.

4) They have to sacrifice features for performance. – With no controller, each access point will have to be intelligent enough to manage a wide variety of things. I can think of 2 things you have to dp without today in an Aerohive environment. First, there isn’t a robust WIPS(Wireless Intrusion Prevention System) offering. Second, there is no spectrum analysis offering. I suspect the spectrum piece will be dealt with at some point if there is enough demand, and I am quite certain an improved WIPS offering is in the works. As for other features, they have them. Pretty much anything from making an SSID available on a schedule(ie Guest access from 8am-5pm) to QoS is available.

Closing Thoughts

Aerohive is at the front of the next phase of wireless networking. Xirrus is there too. Others will be coming along, but I suspect for most it will be incremental steps. As wireless continues to grow, and it WILL grow, companies like Aerohive will be attractive for quite a few reasons.

1) They cost less overall than controller based solutions and have a streamlined pricing structure.
2) Their feature set is on par with controller based solutions.
3) Products like TeacherView(which is free) help lock in verticals like Education.
4) Small product line reduces confusion when trying to sell a solution to new customers. There is such a thing as having too much choice in hardware.
5) There are no single points of failure or bandwidth bottlenecks.
6) Management can happen on premises with a local(physical or virtual) Hive Manager or off premises(in the cloud) depending on the customer needs.

I don’t live in fantasy land where there are no problems with every new vendor that comes along. Aerohive will have problems come up. It might be in their support model. It might be with buggy code. It might be with a couple of bad batches of access point hardware. There might even be architecture issues that I am just not seeing. For now though, I like what I see and haven’t come across any one thing that tells me it would be a bad idea to deploy Aerohive in an enterprise network. The thing that scares me about companies with cool technology like Aerohive and others like Riverbed is that some gigantic tech company will come along and buy them and run the products into the ground.

One Final Point

It is only a matter of time before the really big wireless players jump on the controller-less bandwagon. Motorola and Aruba have already made steps in that direction. Aerohive has to continue to close big deals and increase market share while they still have a leg up on the larger wireless vendors. If they don’t, then 2 or 3 years from now when the big boys are pushing the same solutions, it will be an arms race and Aerohive will lose. My hope is that they continue to innovate with extra offerings like TeacherView and stay one step ahead of the bigger vendors. In time, perhaps they will have an equal or greater share of the market than some of the existing companies do.

Other Aerohive Related Posts

Tech Field Day – Aerohive by Tom Hollingsworth
AeroHive, HP, ‘Big Boner’ AP’s and Wireless LAN Controllers by Greg Ferro
Aerohive HiveAP Provisioning Basics by Andrew vonNagy
Distributed Marketecture by Devin Akin from Aerohive

Am I Paid To Shill For Aerohive?

No. If I am, then my wife must have found the check before I did. I have followed Aerohive for about a year now. I am a fan of good technology, and even more so when it goes against conventional wisdom. I also like rooting for the underdog. I was part of Wireless Tech Field Day which took place in mid-March out in San Jose. You can read my standard disclaimer here.

This entry was posted in vendors, wireless and tagged , , . Bookmark the permalink.

8 Responses to Aerohive

  1. Devin Akin says:

    Hi Matthew,

    This post kicks butt. 🙂

    I’d like to address a couple of points, if I may.

    1) Aerohive only requires AP-to-AP tunnels in the case of L3 roaming, and L3 roaming is a feature used in a very small number of installations, even in the large enterprise. Nevertheless, even when it is in use, Aerohive uses tunnel balancing (which means that tunnels are evenly balanced across APs on each subnet) and then torn down when they aren’t needed. It’s a self-balancing and self-cleaning design – much more scalable than using controllers for this purpose. There are other scenarios when you can design your network to use AP-to-AP tunnels for traffic distribution, such as when you might want a guest SSID to tunnel user traffic to an AP in a firewall DMZ, but those scenarios are never scalability issues. For typical enterprise deployments, AP-to-AP deployments aren’t needed for any reason.

    2) Your points about enhancing our WIPS and spectrum analysis offerings are being addressed as I type. We innovate like the wind blows. 🙂 We heard the delegates 5×5.

    Thanks for taking the time to write all of this up. It was an excellent read!


  2. Gizmozo says:

    Well written article… smacks it over the rope….. bring on Spec An …. G/

  3. Marcus Burton says:

    Dude, nice write-up. You are most welcome for the second AP.

    Since you brought it up, I have a question. Based on your experience, how does an “unproven” vendor gain market share if everyone says “get more market share first?” I agree with you and think it’s valid, I’m just curious. It’s like the classic catch-22 of employment. Before you can get a job, you need more work experience. Thoughts?

    • Marcus,

      In my experience, two things have to be in place before you can land some significant deals. First, the people selling the product have to be excited about it and experienced. You can move product all day long in the SMB space as long as the cost is low and the product is easy to use. Where you really want to be is in the enterprise or large environments. That’s where the excitement and experience will come into play. If you send junior sales people or low end engineers into larger environments, odds are they are going to get laughed out of the room. Bigger companies are going to have far more focused technical staffs that will be up to speed on their particular field of expertise. They will also have large implementations of your competitors products. You will need to know how to sell against the incumbent from a financial perspective as well as from a technical perspective. You need to sell me on the fact that your product is legit and your excitement about it needs to be grounded in the fact that you know what you are talking about. Genuine excitement from people selling something they know a bit about is a hard combination to turn down.

      That leads me to my second item. The vendor has to have a compelling technical reason for people to consider them if they are just starting out. Otherwise, you are just more of the same. Take US cell phone companies for example. They all cost too much and overall their service stinks. Why would I want to trade one carrier for another? Now, give me a carrier with great service and lower overall cost and I am willing to walk from my existing provider and go to the better one. There’s got to be a compelling reason for me to pick your product. Maybe it is the fact that you offer me certain features that other vendors don’t have. Or, perhaps you are able to immediately address certain pain points I have that other vendors have been ignoring or can’t solve until some hardware/software update is released 6 months from now.

      I guess it all boils down to “what makes you unique”? What makes you stand out from the rest? If nothing, then I go back to my cell phone provider analogy. Why would I want to buy from you when I already know what to expect from the established or incumbent vendor?

  4. Pingback: Back From the Pile: Interesting Links, April 1, 2011 – Stephen Foskett, Pack Rat

  5. Christopher Butler says:

    It’s worth noting that Bluesocket is already doing the same thing — no central controller, just central management. All functionality is pushed to the AP. I don’t work for them, just use their product on my network.

    • Christopher,

      Thanks for the Bluesocket mention. I’ve heard their name mentioned very infrequently in the past, but will have to look into them some more. I didn’t realize they have been around for a decade! I assume you have had a good experience with them?


      • Christopher Butler says:

        Very good experience. We had their product on our LAN for wireless for about 8 years. And, hard-to-believe, we’ve had the same controller appliance the whole time and it’s still running and it supports 802.11n (which we now are running). Remarkable that an 8-year old appliance was built with enough horsepower to survive this long and continue to support new technologies. Very nice integration with Active Directory and when we went to 802.11n we also implemented WPA2 Enterprise (EAP-TLS) and it’s worked like a charm.

        We are migrating in the next couple months to their virtual WLAN controller model, keeping the current access points that we already have, and adding more to increase density to support a significant increase in wireless devices on our campus.

Comments are closed.