Aruba 8400 Product Chief On Beating Cisco On An 'Industry 4.0' Blockbuster Deal
A Blockbuster Aruba Win Vs. Cisco
When one of the world's largest manufacturers decided to move forward with an "Industry 4.0" Internet of Things strategy, it bet big on Aruba in a $7 million deal that displaced network incumbent Cisco.
The driving force behind the big win that came just two months ago was a desire by the manufacturing customer to power an Internet of Things, industrial automation solution framework, said Michael Dickman, vice president of switching at Aruba and Aruba 8400 product chief.
"The No. 1 and No. 2 benefits are going to be automation of policy that is pushed down into the wired network so they can bring on new Industry 4.0 robots and manufacturing systems," said Dickman of the deal. "They'll now be able to bring that Industry 4.0 experience to the manufacturing floor faster. The networking team will actually be an enabler and accelerator of that intiative. The No. 1 initiative at the company is to move to Industry 4.0 to have dramatically more efficient and higher-quality production. Now the networking team is at the vanguard of that initiative.”
That deal included over 200 core switches—primarily 8320s with about a dozen 8400s—at between 50 and 70 manufacturing facilities. It also includes 4,000 access switches connecting to all of the manufacturing plant equipment—mostly machines, robots and industrial systems. On the software side, it includes a couple of thousand Aruba Airwave (software) licenses, 100,000 ClearPass endpoint licenses with 30 ClearPass appliances.
"Cisco was the incumbent," said Dickman. "HPE Aruba didn't have any of the switching in that account prior to this deal."
Talk about the key gains made by HPE Aruba in the first year of the 8400.
First off, the customer traction has definitely been solid. We have many hundreds of customers at this point. We are very pleased with it. The core of the network is not an easy decision to make. To have hundreds of customers making that decision is fantastic.
At this point we are selling in good numbers in all major regions of the world: North America, Latin America, EMEA, APJ and even China. All regions of the world are adopting this.
Higher education is our biggest vertical with 30 percent of sales. The remainder is distributed across many, many other verticals from casinos to to large manufacturing companies to energy companies.
What type of adoption are you seeing for the 8320?
We're finding a lot of use cases for the 8320 iRU. We launched that a little after the big chassis 8400. The 8320 is like the little brother. The 8400—the Catalyst killer—has outstanding performance and density. There are some use cases where customers don't need all that horsepower. Instead of 19 teraybtes on the 8400, there are 2.5 terabytes on the 8320. What customers are really after is the software capabilities.
What partners are having the most success with the new core switch line?
What we have seen is the most successful partners with it are the regional powerhouses—not a mom-and- pop shop, but also not the global or massively large service providers. We are seeing these very strong regional players with good customer relationships seeing an opportunity for these cutomers to get out of old infrastructure— very often Cisco, but also Juniper and others. So we are seeing them go after customers where they may have a relationship in some other area of the business with Aruba at the access layer, switching, wireless or security, but they see this opportunity to bring in a more automation- and analytics- centric approach into the core of the network. Where we are seeing the sweet spot is partners that have the right balance with the sophistication to be able to handle the full portfolio and the customer intimacy. This is a conversation that is different. The 8400 isn't just another switch. It provides really powerful analytics automation capabilities.
Talk about a recent 8400 blockbuster deal.
The one I am very excited about is a fantastic win we had two months ago with one of the largest manufacturers in the world. They wanted to do an Industry 4.0 strategy with the network enabling Internet of Things, industrial automation, flexibility and agility. They have embraced an end-to-end Aruba architecture that embraces a policy model that lets them do the correct policy deployment into the wired network with the same ease we do with wireless.
We do that with the technology we call dynamic segmentation, which allows profiling and assessment of devices and pushing [network] policy down into the switch.
The deal's scope started at the core of the network and from the user. The customer was looking at how to implement new local-area network standards so they could get the right combination of device services, experience and policies and network automation and analytics.
It was a $5 million deal and $2 million in support services. It includes a lot of implementation and deployment services, which a partner is providing, and some services that HPE Aruba will provide.
This was definitely competing head to head against Cisco. Actually, Cisco was the incumbent. HPE Aruba didn't have any of the switching in that account prior to this deal.
It's a huge deal with over 200 core switches at between 50 and 70 manufacturing facilities. Most of those will be the 8320. Most of their manufacturing plants are an appropriate size for the 8320. There are about a dozen 8400s in the deal with 4,000 access switches connecting to all of the equipment in their manufacturing plants—mostly machines, robots and industrial systems. It also includes a couple thousand Aruba Airwave [software] licenses, over 30 ClearPass appliances and 100,000 ClearPass endpoint licenses. That is the key in how they look at tying it all together.
The customer is also buying more than 60 mobility controllers even though they are not rolling out any new wireless. They are basically bringing a mobile IoT approach to the wired network. By bringing in mobility controllers they are going to take advantage of those capabilities for traffic, segmentation, isolation, deep packet inspection and the built-in firewall to simplify the way policy and security is done. So they will suck a lot of the critical traffic up from the access layer. They'll leverage the mobility controllers—which are going to be used for wired traffic in this case. Then they are going to complement this with hundreds of core swtiches over the whole network in terms of all their plants, which will give them the ability to do network automation.
What are the big user experience benefits that customer will see from the new Internet of Things Aruba capabilities?
The No. 1 and No. 2 benefits are going to be automation of policy that is pushed down into the wired network so they can bring on new Industry 4.0 robots and manufacturing systems. They'll now be able to bring that Industry 4.0 experience to the manufacturing floor faster. The networking team will actually be an enabler and accelerator of that intiative. The No. 1 initiative at the company is to move to Industry 4.0 to have dramatically more efficient and higher-quality production. Now the networking team is at the vanguard of that initiative.
The No. 2 benefit is automation of the overall network level looking down into the whole network. That is about better analytics, performance, troubleshooting, application performance and device counts that will now be automated and embedded into the network.
They didn't think of it as an infrastructure decision only. They thought of it as infrastructure policy decision to enable Industry 4.0. Clearly, there are a lot of services and implementation on this. This is a deal we are really excited about. It's such a compelling use case.
They needed security and segmentation for their manufacturing environments. They can not compromise on that. From that perspective, the combination of Aruba switching and Aruba ClearPass was strictly better and easier than the competition. That was the slam dunk for us along with the automation and analytics in general for operational efficiency. Once you define the roles and security policies that can be automatically deployed in the infrastructure. We do that better than the competition. That was a huge differentiator. Frankly, ClearPass is the best on the market.
What is the key functionality in ClearPass that is winning the day?
With ClearPass the key functionality is the concept of defining security and policy based on user rules. So you can have a real sophisticated policy definition for the role—whether it be employee, guest, contractor or printer. In manufacturing it might be an inline production device, monitoring device or video surveillance. What happens is you can then have a business decision around how to define the correct policy for those roles. The beauty of ClearPass plus Aruba switching is you do that centrally and then it is just automatically downloaded and enforced into the infrastructure. So you do not have to configure security by port. You configure security by what you actually want to achieve based on the user, device and policy. You don't even have to script or do any configuration by port. The switch receives the policy and enforces it. That dramatically simplifies the implementation of the security. ClearPass also has a beautiful definition of the security as well. So you get this great centralized ability to define security and then you have an automated and seamless distribution and enforcement of the policy.
What were the key drivers in terms of network automation that drove that big win for Aruba?
The customer thought about four levels of service: visibility and policy for authentication and profiling, management and troubleshooting, user experience including quality of service, and then security preauthorization and post-authorization. The question was how do all those building blocks tie together and the architecture we brought starting with OS-CX—the operating system for the 8400—was really compelling. They together with the partner are going to stitch this together for their full Industry 4.0 vision.
What does that blockbuster win mean for channel partners looking at the end-to-end Aruba network architecture opportunity?
What it means for the channel is there is a clear opportunity for channel partners with the right level of sophistication and customer intimacy to step up in the value they provide for customers. There are two things going on in the network industry: a long-term commoditization trend and at the same time the network is becoming more and more critical. It is becoming absolutely central to everything that is happening to IoT, mobility, cloud. The question is which side are partners going to fall on: Are they going to fall on the side of procuring gear at a low price or fall on the side of solution enablement where they can tie together automation, security, etc? I see a massive opportunity for channel partners to make that connection and actually solve the real customer problem, which is, No. 1, operational efficiency, and No. 2, security in a world of mobile cloud and IoT. That is what we are building and the partners that are embracing that not only win the deal, but they win the services opportunity and customer intimacy and they do so in a way that allows the customer to achieve their objectives with a great ROI.
How does the team feel about the gains you are making in the core network market?
The team is just thrilled and enthusiastic. Frankly ,our channel partners are growing with us as we grow too. Everybody is winning and when you are winning everybody is happy. As we are winning we are investing in the business. The innovation engine is actually getting even stronger as a result of the success. That means there is even more to come.
What's other innovative things are you doing with the 8400 switching line?
We do have a technology that we are already shipping called VSX. What you get with that is better availability and redundancy at both software and hardware layers, and you can do an orchestrated software upgrade without a maintenance window. The reason that is so important is that one of the reasons that today's networks are quite brittle is customers are afraid to upgrade the core and they do not have maintenance windows as well as they used to. One of the things we are hearing from more and more customers is the business will not permit a maintenance window or if they do it is very, very infrequent. To have the ability to upgrade the software when you need and to have a better redundancy model just in case something goes wrong without a maintenance window is massively valuable. It allows the network team to move at the speed of innovation rather than move at the speed of maintenance windows.
What innovative things are you doing with partners around network automation?
We now have a program where we are working with channel partners and directly with customers to consult with them on specific problems they are seeing and then writing NAE [Network Analytics Engine] agents. NAE is the framework built into OS-CX that does native and embedded analytics. It is a fantastic framework where anyone with a basic knowledge of Python leveraging the complete programmability of the system they can really do anything in terms of embedded analytics. What we are now doing in addition to that amazing framework is we are directly building agents for some customers and partners to kickstart it and show them how easy it can be. That started three months ago and we have engaged with 25 customers and built 40 agents.
What are the potential areas we might see advances with the switching portfolio in the future?
The two areas looking ahead are configuration automation and the ease of provisioning. We have something that is already getting a lot of 'Wow' responses from customers which is how we are going to leverage the programmability of the system to automate configuration in a way that is very familiar and comfortable to traditional networking engineers. So you'll have a networking engineer who knows networking deeply but frankly doesn't know programming. We are getting better and better at allowing that individual to automatically configure a large network with very sophisticated requirements very easily and without learning programming. It is the best of both worlds. So you can have the best of both worlds: the benefits of programming in terms of automation, visbility and flexibility but you don’t have to retool and retrain, bringing forward all the knowledge you have always had around networking. That is an area we are actively working on. The way that we are going to do configuration automation is going to get pretty amazing. It's part of Aruba's ongoing commitment to help people who are experts in networking bring their skills forward into the brave new world. So they can get all the benefits of programmability without becoming programmers.
What is the 2.0 around Aruba 8400 channel enablement?
We are definitely continuing to ramp up the channel enablement. We have had a lot of channel partners go through hands-on training and we are expanding that. We have a virtual instance of OS-CX which is available to channel partners and they can use that to enable.
We have had over 2,500 indvidual attendees, over 15,000 student hours for hands-on training, and over 5,000 VLAB [Virtual Lab]) hours in the last nine months.
How much bigger are the deals when partners sell the core network switch?
We are seeing individual deals when it is core plus access that are about 40 percent bigger when you add on the core and the aggregation. It is not just that the deal size gets bigger but you have more opportunity for the deployment and management services as well.
We are seeing more investment of time in Aruba, an expansion of the number of people within channel partners that are working with Aruba because now we are truly end-to-end networking core and aggregation—full network as well as the access layer. We are seeing some partners consolidate their networking practice on Aruba. We have seen some that were Aruba access and Juniper core now looking at Aruba end to end.
There is a subset of partners that are very smart and they are combining security practices and networking practices to work very closely together. For those smart partners they are going to see a lot of opportunity around time, security and policy with networks. The Aruba architecture is really built for that with the 360 Secure Fabric and the networking innovation with OS-CX. That is going to be great opportunity for deals that include security and networks. When you tie those things together, the services and support opportunities for partners are significant.
What are the key reasons for Aruba's success with the 8400?
The Catalyst is very old. There is a lot of gear out there that is really crying out to be refreshed. The solid performance and carrier-class capabilities get us into the mix. The baseline is a very solid grade class switch with outstanding performance and density. No. 2 is automation and analytics capabilities for operational efficiency running the network. And No. 3 is the integration with security.
What is the plan for 2019?
We are doubling down on the early growth. We are going to ramp customers and revenue even faster in year two. We are going to be coming out with new hardware to expand our reach and new software releases with traditional switching features and exciting innovations that are new to the world and first to market— as well as investments to scale the channel with a lot of support from the Aruba field. Year two we are expecting to be the year of significant ramp.
We're really jazzed up across the whole team. We are firing on all cylinders.
What is the call to action for partners?
Customers want to hear about automation and they want solutions to their security problems. When you look at Aruba from a solution architecture perspective, we can partner with you to achieve those goals. So it is not just selling infrastructure. It is selling solutions with automation and security.