LICENSED FOR DISTRIBUTION

Critical Capabilities for Wired and Wireless LAN Access Infrastructure

Published: 03 November 2017 ID: G00343106

Analyst(s):

Summary

Enterprises have moved beyond basic connectivity and now use network service applications and deployment flexibility to differentiate access networking vendors. I&O leaders should use this research to assess vendor hardware and software capabilities across six enterprise access networking use cases.

Overview

Key Findings

  • Vendor capabilities can vary widely between the most prevalent six use cases for enterprise wired and wireless LAN deployments.

  • Network service applications (such as access control, policy enforcement and location services) are a key aspect of determining a vendor's fit for your use case, versus the "speeds and feeds" of standards-based switches and wireless access points.

  • Consolidation among large infrastructure vendors has placed some established access network product portfolios under new ownership, potentially changing ongoing enterprise customer service, support and product integration.

Recommendations

I&O leaders responsible for planning, sourcing and managing wired and wireless access networks and related services should:

  • Differentiate vendor proposals by identifying how each vendor's network service applications match with the level of services required for both new and legacy access network infrastructure. Proof-of-concept trials will help reveal unanticipated complexity or gaps in required service features.

  • Require vendors that have come under new corporate ownership in the previous 12 months to substantiate their capabilities by providing service, support and development roadmaps specific to their solutions. Request and verify recent relevant customer references.

  • Verify product and technology roadmaps by requiring vendors that rely on strategic partners for unified wired and WLAN networks to detail the future length of their partner commitments.

What You Need to Know

This Critical Capabilities research is the companion to Gartner's "Magic Quadrant for the Wired and Wireless LAN Access Infrastructure," scoring 16 vendors across six use cases designed to reflect the primary evaluation criteria Gartner recommends for use by I&O leaders responsible for planning, procuring and managing enterprise wired and wireless access networks.

The rated vendors provide some or all of the core hardware and software for:

  • Wired access network switches

  • Wireless LAN (WLAN), including wireless access points (APs) and physical or virtual WLAN controllers

  • Network service applications that are cloud-, appliance- or virtual appliance-based, including but not limited to:

    • Network management, monitoring and performance

    • Access control and security

    • Policy enforcement

    • Location services

    • Analytics for security, network performance or vertical market applications (such as mobile marketing)

As the market has evolved, standards-based access networking hardware has become less differentiated. Many enterprises now focus more on the features and functionality of network service applications when evaluating which vendor will best meet the organization's access network requirements. Additionally, enterprises are scrutinizing vendor capability to deploy service applications either on-premises or in a public or private cloud. This Critical Capabilities note revises the use-case definitions to reflect this changing landscape.

We have made the following changes in use cases from the 2016 Critical Capabilities document:

  • Revised "Wired Only Connectivity" to "Wired-Only Refresh/New Build" and "All-Wireless Office" to "WLAN-Only Refresh/New Build"

  • Eliminated "IaaS or Managed Service" as a specific use case, as IaaS or cloud-managed capabilities are incorporated in other capabilities

  • Added "Performance Stringent Applications" to reflect requirements for supporting high-reliability or latency-sensitive applications (such as voice or cloud-based services)

  • Added "Multivendor Networking Environment" to address enterprises that must manage a mix of vendor infrastructure

Analysis

This research is intended to help organizations identify vendors that match their access networking requirements. It evaluates vendor effectiveness in addressing an organization's needs in six use cases:

  • Unified wired and WLAN accessed through a "single pane of glass"

  • Wired-only access network refresh or new build, with requirements either for a wired-only network or for expanding- or refreshing-only wired switching

  • WLAN-only refresh or new build, reflecting requirements not only for the wireless elements of a unified access network but also for a "wireless-first" environment where the WLAN is the primary or predominant first connection to the enterprise network

  • Performance stringent applications, for deployments that require high availability or must support latency-sensitive applications, using either a cloud-based or on-premises management solution

  • Multivendor networking environment to address enterprises that must manage a mix of vendor infrastructure

  • Remote branch office with corporate HQ to address organizations with widely distributed offices in addition to a central corporate office

The Critical Capabilities research differs from the "Magic Quadrant for the Wired and Wireless LAN Access Infrastructure" by focusing on product and service capabilities, rather than the vendor's position, vision and execution in the market for enterprise networks.

Critical Capabilities Use-Case Graphics

Figure 1. Vendors' Product Scores for the Unified Wired and WLAN Access Use Case
Research image courtesy of Gartner, Inc.

Source: Gartner (November 2017)

Figure 2. Vendors' Product Scores for the Wired-Only Refresh/New Build Use Case
Research image courtesy of Gartner, Inc.

Source: Gartner (November 2017)

Figure 3. Vendors' Product Scores for the WLAN-Only Refresh/New Build Use Case
Research image courtesy of Gartner, Inc.

Source: Gartner (November 2017)

Figure 4. Vendors' Product Scores for the Performance Stringent Applications Use Case
Research image courtesy of Gartner, Inc.

Source: Gartner (November 2017)

Figure 5. Vendors' Product Scores for the Multivendor Networking Environment Use Case
Research image courtesy of Gartner, Inc.

Source: Gartner (November 2017)

Figure 6. Vendors' Product Scores for the Remote Branch Office With Corporate HQ Use Case
Research image courtesy of Gartner, Inc.

Source: Gartner (November 2017)

Vendors

Aerohive

Aerohive provides wired and wireless access network capabilities using either its own access points, switches and branch routers or pairing with wired switches from strategic partners (such as Dell EMC). Organizations can use Aerohive's HiveManager NG suite of access layer applications to manage both the wireless network plus wired switches based on Broadcom's Fastpath networking software, such as those in Dell's N-Series. The enterprise can use HiveManager NG for a full suite of network application services, including policy management, provisioning, guest access and security behavioral analytics. The Aerohive Connect product (introduced in 2016) is a flexible ownership model enabling the buyer to purchase APs or switches without having to buy the advanced software licenses at the same time. Connect includes a basic public cloud version of HiveManager NG with entry-level network configuration and monitoring, which the enterprise can upgrade later by adding capabilities like self-service guest access and role-based access control. With the exception of the wired-only access, Aerohive's capabilities place it in the top half of all the remaining five use cases. Large or midsize enterprises should evaluate Aerohive for primarily WLAN-focused solutions in its targeted markets of retail, education and distributed enterprise branch offices for the company's primary regions of North America, EMEA and Asia/Pacific (APAC).

ALE

ALE, marketed under the brand Alcatel-Lucent Enterprise, a private company owned by China Huaxin, has expanded its capabilities for providing unified access networks beyond its long-standing relationship with wireless partner HPE Aruba. Enterprises can now integrate ALE's newly broadened line of OmniAccess Stellar wireless access points with OmniSwitch wired campus switches for a unified access network capable of serving large enterprise or campus deployments. For deployments with more complex networking requirements, an organization can buy Aruba APs integrated with OmniSwitch switches, typically paired with Aruba's ClearPass access management solution. ALE's Intelligent Fabric now extends to the access network, enabling autoconfiguration and autoreconfiguration for adds, moves and changes of applications and wired/WLAN network devices. Capabilities supported by these solutions placed ALE in the top half for two use cases and bottom half for four use cases. Include ALE for enterprise wired and WLAN proposals globally, including in its targeted vertical markets of hospitality, transportation, healthcare, government and education.

Allied Telesis

Allied Telesis offers a portfolio comprising LAN switching, WLAN and network management. Users can manage the switching and traditional WLAN product portfolio on-premises with Vista Manager EX or in the cloud, using the Allied Telesis Autonomous Management Framework (AMF) Cloud for Network Management. Users can integrate AMF with Allied Telesis Secure Enterprise SDN (SES), improving security and further simplifying network management and automation. Allied offers limited choices for guest access functionality and onboarding or policy enforcement applications for wired or wireless components. These limitations — plus limited capabilities for expanded requirements, such as indoor location or analytic reporting — place Allied Telesis in the bottom quartile of vendor scores for wireless-related use cases. Evaluate this vendor for access networks with basic service requirements in its core APAC region.

Brocade (Ruckus)

Brocade provides a unified access network solution based on its ICX switch and its Ruckus cloud-managed WLAN solutions. Enterprises have a choice of both controller-based and cloud-managed WLAN architectures, plus a complete suite of network service applications for indoor location services, guest access, policy management and other requirements. This includes Ruckus' Cloudpath access control software — a multivendor-capable solution providing security, policy management, self-service guest access and device onboarding capabilities (such as integration with Google Console for large-scale onboarding of Chromebook devices used widely in elementary and secondary schools). Ruckus buyers get management, network monitoring and troubleshooting functionality with its SmartZone WLAN controller, at no additional licensing cost. Brocade scores in the top half for three of the six use cases. Arris was in the process of acquiring both businesses at publication time. Organizations should weigh the potential impact of ownership change on product development or support, but can include Brocade's access network solutions for large enterprise and campus deployments in its primary vertical industries of education, hospitality and government.

Cisco

With the exception of the multivendor networking use case, Cisco ranks in the top half of all the other five use cases due to the breadth of its portfolio of wired switching and WLAN products. Cisco has two separate access layer solutions. On-premises managed solution buyers will choose from the Catalyst line of fixed-format and modular switches plus controller-based and controllerless Aironet wireless APs, supported by Identity Services Engine (ISE) for policy-based access and Prime for management. The Meraki solution has its own separate fixed-format switches, access points and a separate cloud-based application for policy and management. An external API allows bilateral communication between ISE and Prime to the Meraki dashboard. Organizations deploying both Catalyst/Aironet and Meraki solutions as of the evaluation period for this review needed to purchase and implement ISE and Prime in addition to leveraging the Meraki dashboard for management, since there was no consolidation to a single management framework yet available. Evaluate Cisco for access networking in all regions. However, clients interested in multivendor networking should also assess vendors with higher scores in this use case.

Dell EMC

Dell EMC provides an end-to-end access network portfolio based primarily on its N- and S-Series fixed-port and modular C-Series, stackable Ethernet switches paired with Aerohive wireless access points. A Dell-branded version of HiveManager NG provides control and network service applications for the unified network. Enterprises can choose the Dell OpenManage Network Manager solution to manage either Dell or multivendor wired switches. Although Dell spun off its SonicWall firewall and security solutions in November 2016, it still sells those products, in addition to the SafeConnect solution from Dell partner Impulse for access control and client data reporting for either Dell or Dell/Aerohive LANs. Dell scores in the lower half of all use cases, for a portfolio that should be included in basic enterprise and campus access networking RFPs, including for its targeted education, government and healthcare markets.

D-Link

D-Link offers enterprises with basic access layer requirements a low-cost option for wired and WLAN solutions. D-Link has two network management solutions. D-View 7, mostly licensed, provides wired and wireless network management, and Central WiFiManager is a free software for managing WLAN APs. While costs are an advantage, both solutions lag behind in network applications capabilities (such as automation, granular policy enforcement and radio frequency monitoring). Central WiFiManager does not support location-based services. Such limitations placed D-Link in the bottom quartile of scores for all uses cases, making it relevant primarily for prospects in its core markets of EMEA, APAC and North America that have basic access layer requirements and require a practical, cost-effective solution for small branch offices or remote locations.

Extreme Networks

Extreme Networks is a global vendor providing edge-to-core infrastructure solutions. Customers can optimize them from on-premises, cloud or hybrid network service applications that include network management, guest access, policy enforcement and application analytics for Extreme network components, as well as for other access network vendors. ExtremeManagement provides multivendor, centralized management applications for wired and wireless environments that can be deployed on-premises or virtually in a public or private cloud environment. Extreme acquired Zebra Technologies' WLAN organization, including its WiNG technology in 2016 and completed its purchase of Avaya's access layer business in July 2017. The company scores in the top four for all use cases. Include Extreme for RFPs covering enterprise and campus network deployments globally, in priority vertical markets such as education, government, manufacturing, healthcare and distributed retailing.

Fortinet

Fortinet provides a unified access network portfolio in which organizations can consolidate a WLAN controller and elements such as wired/wireless network management, policy enforcement, wireless intrusion detection, web filtering and antivirus/anti-malware via the FortiGate firewall appliance. Users of FortiOS version 5.6 have extended network visibility and management under a common framework that includes switches, WLAN access points, sandboxing and security products. The switch portfolio is basic, providing up to 48 ports (plus uplinks) in a PoE fixed-configuration switch. Organizations seeking a cloud-managed network can deploy Fortinet's solution on-premises or via public or private clouds, or may choose a more traditional architecture separating the WLAN controller from the firewall and network management hardware. Using the combination of FortiOS with FortiSIEM, organizations have a strong security framework for managing IoT devices, including the ability to implement IoT containment. Fortinet's portfolio scores in the second half of all use cases. Evaluate this vendor for deployments with requirements for additional measures to address cybersecurity threats.

HPE (Aruba)

Aruba operates as a subsidiary of Hewlett Packard Enterprise (HPE), and has one of the broadest wired/wireless access layer portfolios in the market. Aruba is the top-ranked vendor for all use cases. AirWave and ClearPass remain some of the most complete solutions in the market and they support other vendors' products, allowing Aruba to score well in the capabilities for network/guest access, network management and policy enforcement application services. Organizations can manage Aruba Instant controllerless APs on-premises or as part of a cloud offering (Aruba Central), although users will not have that flexibility in deployment modes for legacy HP switches. Aruba customers continue to provide positive feedback for RF interference mitigation capabilities offered by ClientMatch. Customers using the ClearPass access and policy management solution began receiving enhanced behavioral analytics capabilities following Aruba's acquisition of Niara (rebranded as IntroSpect), completed early in 2017. Consider this vendor for all campus deployments globally.

Huawei

Huawei Technologies' Enterprise Business Group (EBG) scored in the top half for all use cases, based on the capabilities of its Agile Network Solutions supporting an end-to-end campus networking portfolio. Organizations deploying the Agile Controller obtain SDN architectural advantages (such as programmable functions for tighter wired and wireless management, stronger authentication and monitoring of network application services in branch offices). Users can also employ the Agile Controller as the management platform for Huawei's CloudCampus solution, which allows management of switches and WLAN APs from the cloud. Several of Huawei's switches have integrated WLAN controller functionality. Huawei's eSight management and network applications support both Huawei and competitive-vendor components. Although Huawei's Packet Conversion Algorithm for Internet (iPCA) can analyze network traffic and detect MOS quality for voice over WLAN (VoWLAN), clients will need to work with the vendor to identify what tools are available beyond normal quality of service (QoS) statistics to ensure performance. Analyze this vendor for enterprise campus deployments primarily in its core markets of EMEA and China.

Juniper Networks

Juniper Networks provides a well-thought-out campus switching architecture but relies on partnerships for wireless connectivity and expanded network service applications through its Open Convergence Framework strategy. This strategy includes a global ecosystem of WLAN hardware partners (such as HPE/Aruba and Samsung in the APAC region). This means Juniper has limited wired plus wireless network automation and IoT containment/separation strategy since it must collect information from partners who are part of the Open Convergence Framework but not integrated into Juniper's network fabric. Clients can implement automation, analytics and software-defined capabilities from the cloud to the campus to the branch via the Juniper Unite Cloud-Enabled Enterprise solutions framework. Junos Space Network Director delivers on-premises, single pane-of-glass network management for wired, security and policy network elements, as well as for partners' WLAN hardware. Limited wireless and access network service application capabilities place the vendor in the second half of scoring for all use cases.

Mist Systems

Mist Systems is a small WLAN-focused vendor offering wireless via its own line of access points, enabling enterprises to deploy both advanced indoor location capabilities and network assurance and automation. Mist customers must use a different vendor for wired switching. Mist's APs feed mobile client data for more than 100 elements contributing to performance levels (such as throughput, latency and connection time) to a machine learning engine for proactive operations, predictive recommendations and rapid troubleshooting. Organizations do not need physical beacons or site surveys for Mist's location solution due to the data collection capabilities of the APs and its approach to array antenna design. Network managers can access through a single pane of glass a complete view of metrics for users, Wi-Fi and Bluetooth Low Energy beacon data, in addition to network applications (such as a policy and enforcement engine), via Mist's network management solution. Evaluate this vendor primarily for WLAN deployments where wired switching is procured separately.

Mojo Networks

Mojo Networks provides its portfolio of access points and access layer applications to a global client base. The vendor's cloud-managed Cognitive Wi-Fi solution automates network monitoring and troubleshooting, allowing the network to detect, diagnose and resolve autonomously. This enables organizations with limited IT staff or remote offices to rapidly troubleshoot and resolve issues. Mojo includes a guest access application in its cloud-based management solution, but it does not provide multivendor network management support in the Mojo cloud. Mojo's wireless portfolio includes two three-radio access points, with the third radio to be used for many applications (including full-time wireless intrusion prevention system [WIPS], spectrum analysis and client simulation). Evaluate this vendor primarily for WLAN deployments where the enterprise is willing to acquire capabilities like wired connectivity and indoor location services through a separate partner ecosystem.

New H3C

New H3C, comprising the combination of the former H3C with HPE's China-based server, storage and technology service businesses, is a strong vendor in China. It has a large wired/wireless access layer portfolio scoring in the top half of vendors for all use cases. Enterprises can use New H3C's intelligent Management Center (iMC) for unified wired/wireless management, guest access, user behavior analytics and other capabilities, in a multivendor environment. Those choosing cloud-based wireless management can use the more recent Oasis platform, providing data analytics and basic device/user behavior analysis in a multitenant environment, predominantly serving the midmarket. Although New H3C clients will get a rather flexible architecture that reduces dependence on WLAN hardware controllers, they will not have choices that other leading vendors offer in the breadth of controllerless products, such as access points with embedded controller functionality. Appraise this vendor for enterprise campus deployments in China, its predominant market, and where it can show sufficient service and support in its emerging APAC markets.

Riverbed (Xirrus)

Riverbed acquired Xirrus in April 2017. Xirrus focuses on wireless access network hardware and services software, with a limited complementary wired switch portfolio for campus network integration. 1 Organizations with varying density requirements are supported by Riverbed Xirrus wireless access points featuring software-definable radios integrating up to eight radios per AP. Customers can deploy its management solutions for cloud- or on-premises management, with a complete suite of network services that include access control, policy enforcement, RF design and network analytics. Customers may employ Riverbed's SteelConnect unified access network hardware and management software, but the companies did not expect integration with Xirrus' XMS management and EasyPass access control solutions before year-end 2017. Pending integration with SteelConnect, enterprises should view Xirrus as a WLAN overlay to the Riverbed product line or for stand-alone WLAN deployments that are not contingent on integration with Riverbed solutions.

Context

Enterprise deployments of wired and wireless access networking hardware and software continue to grow, primarily as organizations initiate or expand 802.11 Wi-Fi coverage to support a variety of mainstream usage scenarios that support increasingly mobile workforces and IoT implementations. Port shipments for campus Ethernet switches grew by about 6.5% in 2016, and WLAN unit shipments rose 10.7% for the year. Notably, vendor revenue from WLAN enhancement products that include network service applications grew by 21.6%. Total campus switching spend was $12.8 billion in 2016 compared to $4.8 billion for WLAN solutions (see "Market Share: Enterprise Network Equipment by Market Segment, Worldwide, 4Q16 and 2016" ). Total WLAN end-user spending is expected to grow at a 5.9% CAGR through 2021, while campus Ethernet switch port shipments decline at a 1.2% CAGR during that period (see "Forecast: Enterprise Network Equipment by Market Segment, Worldwide, 2014-2021, 1Q17 Update" ).

Access layer hardware has become increasingly commoditized, especially from mainstream vendors, with all major vendors offering 802.11ac Wave 2 access points and most providing 802.3bz 2.5/5Gb switch port capabilities. This is shifting enterprise consideration more heavily to the software used to configure, secure, manage and operate the network. Network service applications supporting mobile work styles have become a more significant consideration for enterprises planning central office or campus network support for VoWLAN, onboarding and monitoring of BYOD devices and location-based services. Equally important are network service application capabilities supporting outsourced managed LAN services. For these, the customer may focus on the service provider's network assurance capabilities and on the SLAs for supporting a specific user experience more than on the listed throughput, capacity or antenna specs for the deployed infrastructure.

Product/Service Class Definition

Wired/WLAN-access networking consists of a wide range of features and functions. In this research, we examine five critical networking capabilities that enterprises should consider when looking to develop broad, unified and access layer migration roadmaps, and when choosing strategic suppliers. We evaluate vendors on the following capabilities.

Critical Capabilities Definition

Wired Access

This accounts for the vendor's wired switching solution hardware (fixed-form-factor and modular) and integrated software, which may include port-extension capabilities. Key components include performance, availability, scalability, interoperability, cost, support and the portfolio architecture.

Capabilities also include:

  • Form factors and port densities that meet specific wired switching requirements. These include fixed-form-factor, port-extension and chassis-based switches.

  • 802.3bz capabilities that enable 2.5/5Gb links to wireless access points for supporting high-density 802.11 ac Wave 2 deployments without the need to replace existing Cat 5e or Cat 6 cables.

  • Single application management of hardware from differing vendors, including end-user security and policies.

WLAN Access

This accounts for the vendor's wireless-access solution in a traditional, carpeted enterprise, which includes hardware (such as access points in a variety of configuration and antennas) and integrated software.

Key components include performance, reliability, availability, scalability, interoperability, cost, support and the overall portfolio architectures. Other capabilities include:

  • A range of wireless AP form factors to support different indoor and outdoor enterprise and campus environments.

  • The ability to measure latency for voice and data applications and to provide sufficient data for MOS score calculations to support toll quality VoWLAN.

  • Single-application management of hardware from differing vendors, including end-user security and policies.

  • The network retains active ability of connectivity to the controller, whether on-premises or cloud-based.

Network Access/Guest Access/BYOD

This includes the ability to provide captive portals for guests, to onboard IoT and other "headless" devices (without a human interface, such as printers and digital signage) and to define roles of varying access to the network, with attention to BYOD situations.

Access roles will use device, device profile, user, location, time/date, duration and application access as primitives to consistently determine access to the wired or wireless network, regardless of device or location.

Management and Administration

This refers to the deployment, configuration and ongoing management/administration capability of the vendor's products and other access layer networking products.

This can also include functionality embedded into individual network elements, vendor-provided NMS software/hardware and integration with existing management tools (such as NPM and NCCM) via standardized protocols or APIs. Other capabilities include:

  • Zero-touch or automated provisioning

  • Policy-based management and configuration

  • Network monitoring

  • On-premises and cloud-based management options

  • Physical and virtual controller or controllerless options

Addtl. Network Service Applications

This capability includes a broad and growing set of network service applications, including analytics, forensics, advanced application support and location-based services, which may be vertical-market-specific.

Network analytics applications look at the network, as well as the end-user data. Network forensics tools determine what's happening across the entire access layer, in addition to security functionality and fixed mobile convergence capabilities. Location services include the ability to provide Wi-Fi-based or active RFID/beacon location, as well as an application toolkit for zonal or real-time location services (RTLS). Other capabilities include:

  • Flexibility to deploy access network applications on-premises or in a private or public cloud to address implementation scenarios, such as remote or branch offices.

  • Network application innovation to support BYOD, security, policy enforcement and other access layer functionality.

Multivendor Management Support

This is the ability of a network management solution to identify, configure and manage wired and WLAN elements from multiple vendors through a "single pane of glass."

This capability may be enabled by:

  • Native multivendor capabilities for specified third-party vendor devices and software configurations

  • The ability to discover and manage third-party devices that support standard SNMP Management Information Bases (MIB) and Link Layer Discovery Protocol (LLDP)

  • The ability to manage configurations and hardware/software aspects of third-party components

  • The ability to gain visibility and analytics into the operation and the performance of third-party components

  • The use of a management agent installed on network devices or on a monitoring appliance to enable the provisioning, configuration or monitoring of the devices

  • Open APIs enabling third-party vendors to integrate with the vendor's network management solution

Use Cases

Unified Wired and WLAN Access

This is an enterprise facility or campus environment with 500+ users that requires wired and WLAN access networking components to deploy across carpeted office spaces.

Most users are typically badged employees, although contractors and guests also require connectivity. Employees are usually issued corporate-owned devices. However, the network may also support BYOD for mobile devices, such as smartphones, tablets and possibly laptops. This buyer is typically technically competent and/or routinely makes granular changes to wired/WLAN infrastructure components. This is the most common use case for newly constructed office space, although it's often initiated by a campus refresh.

Wired-Only Refresh/New Build

This is a physical facility or campus environment with more than 500 users that only requires wired access networking components.

This use case most often applied to brownfield and refresh opportunities, often when an incumbent wireless solution is in place and there is either no desire to replace it or it serves a highly risk-averse environment in which no wireless has been deployed. Most users are typically badged employees. However, contractors and guests also require connectivity. This buyer is typically technically competent and/or routinely makes granular changes to wired/WLAN infrastructure components.

WLAN-Only Refresh/New Build

This applied to refresh opportunities or to new builds in which wireless was the primary or predominant connection to the enterprise network.

This use case can encompass single, small locations or large, campus-based enterprises, and may include limited wired components to provide connectivity for WLAN or as incremental updates for expanding an existing infrastructure. In addition to data connectivity, the implementation supports the use of the WLAN for voice calls, either from cellular smartphones or from softphones on desktop, laptop or tablet computing devices. The voice requirement is to implement, manage and measure the network to provide toll-quality calls with a MOS of 3.5 or greater and no perceptible jitter on calls. This use case is typically observed for brownfield and refresh opportunities. Most users are typically badged employees, but contractors and guests also require connectivity. This buyer is typically highly technically competent and/or routinely makes granular changes to wired/WLAN infrastructure components.

Performance Stringent Applications

This is a physical facility or campus environment requiring high network reliability or supporting a latency-sensitive application, with greater emphasis on wireless access.

This organization's access network needs not only to be governed by uptime but also to be measured by the availability of data center or cloud applications to end users. This includes the ability to use the network if multiple path redundancy is configured or if applications must be accessed locally. Most users are typically badged employees, but contractors and guests also require connectivity. This buyer is typically highly technically competent and/or routinely makes granular changes to wired/WLAN infrastructure components.

Multivendor Networking Environment

This is a mixed vendor environment (for example, when an incumbent vendor's equipment must be used with new equipment as part of the wired and WLAN access layer solution).

This encompasses a single, small location or large, campus-based enterprise. Differing vendor hardware may be deployed at multiple locations, but the hardware and end-user security and policies must be managed by a single application that may be located in the cloud or on-premises. Most users are typically badged employees, but contractors and guests also require connectivity. This buyer is typically highly technically competent and/or routinely makes granular changes to wired/WLAN infrastructure components.

Remote Branch Office With Corporate HQ

This requires wired/WLAN-access networking components and knowledge of WLAN connectivity.

This use case involves a single physical facility of 10 to 50 users, potentially with a headquarters site with up to 499. It is typically observed for small enterprises or small, remote offices of larger enterprises, deployed in carpeted office spaces where there is also a central corporate headquarters. Users are typically badged employees, but contractors and guests also require connectivity. There is typically little or no on-site technical support in the remote locations but there is an IT organization that support these locations at the central headquarters.

Vendors Added and Dropped

Added

  • Mist Systems (met inclusion criteria)

  • Mojo Networks (met inclusion criteria)

  • New H3C (met inclusion criteria after spinoff of HPE China business into New H3C)

  • Riverbed (met inclusion criteria after Xirrus acquisition)

Dropped

  • Avaya (access networking business acquired by Extreme Networks)

  • Xirrus (acquired by Riverbed)

  • Zebra Technologies (access networking business acquired by Extreme Networks)

  • ZTE (did not meet inclusion criteria)

Inclusion Criteria

To qualify for inclusion, vendors need to:

  • Demonstrate relevance to Gartner clients in the enterprise access layer market by offering switching and/or WLAN hardware to address enterprise access layer networking requirements outlined in the market definition section.

  • Demonstrate relevance to Gartner clients in the enterprise access layer market by providing one or more network service applications, as outlined in the market definitions section, with an annual network service application revenue exceeding $5 million.

  • Produce and release enterprise access layer networking products for general availability as of 15 April 2017. All components must be publicly available, shipping and included on the vendors' published price list.

  • Have at least 50 enterprise customers that use its access layer networking products in production environments as of 15 April 2017.

  • Demonstrate production enterprise customers with at least five reference customers supporting access layer networks of more than 100 access points.

Table 1.   Weighting for Critical Capabilities in Use Cases

Critical Capabilities

Unified Wired and WLAN Access

Performance Stringent Applications

Multivendor Networking Environment

Remote Branch Office With Corporate HQ

Wired-Only Refresh/New Build

WLAN-Only Refresh/New Build

Wired Access

20%

10%

10%

10%

50%

0%

WLAN Access

30%

20%

10%

20%

0%

50%

Network Access/Guest Access/BYOD

15%

10%

10%

20%

10%

10%

Management and Administration

15%

30%

10%

25%

15%

15%

Addtl. Network Service Applications

15%

30%

10%

25%

10%

10%

Multivendor Management Support

5%

0%

50%

0%

15%

15%

Total

100%

100%

100%

100%

100%

100%

As of November 2017

Source: Gartner (November 2017)

This methodology requires analysts to identify the critical capabilities for a class of products/services. Each capability is then weighed in terms of its relative importance for specific product/service use cases.

Critical Capabilities Rating

Each of the products/services has been evaluated on the critical capabilities on a scale of 1 to 5; a score of 1 = Poor (most or all defined requirements are not achieved), while 5 = Outstanding (significantly exceeds requirements).

Table 2.   Product/Service Rating on Critical Capabilities

Critical Capabilities

Aerohive

ALE

Allied Telesis

Brocade (Ruckus)

Cisco

Dell EMC

D-Link

Extreme Networks

Fortinet

HPE (Aruba)

Huawei

Juniper Networks

Mist Systems

Mojo Networks

New H3C

Riverbed (Xirrus)

Wired Access

3.2

3.8

3.2

3.9

4.2

3.7

3.2

3.9

3.4

4.0

4.0

4.0

1.0

1.0

4.0

3.2

WLAN Access

4.2

3.7

2.5

3.9

4.0

3.2

3.0

3.9

3.7

4.2

3.8

2.5

4.4

3.5

3.6

3.9

Network Access/Guest Access/BYOD

3.8

3.5

2.3

3.8

3.8

3.5

2.5

4.0

3.6

4.2

3.7

3.0

3.3

3.3

3.6

3.4

Management and Administration

3.6

3.2

2.7

3.4

3.5

3.2

2.5

3.7

3.5

3.9

3.8

3.3

3.7

3.5

3.7

3.4

Addtl. Network Service Applications

3.4

3.5

2.3

3.2

3.8

3.4

1.0

3.5

3.6

3.8

3.7

2.5

4.0

2.8

3.7

3.6

Multivendor Management Support

3.2

3.2

2.7

3.0

2.5

3.2

2.5

3.4

2.7

3.8

3.0

3.4

2.7

2.5

3.4

3.2

As of November 2017

Source: Gartner (November 2017)

Table 3 shows the product/service scores for each use case. The scores, which are generated by multiplying the use-case weightings by the product/service ratings, summarize how well the critical capabilities are met for each use case.

Table 3.   Product Score in Use Cases

Use Cases

Aerohive

ALE

Allied Telesis

Brocade (Ruckus)

Cisco

Dell EMC

D-Link

Extreme Networks

Fortinet

HPE (Aruba)

Huawei

Juniper Networks

Mist Systems

Mojo Networks

New H3C

Riverbed (Xirrus)

Unified Wired and WLAN Access

3.68

3.56

2.62

3.66

3.83

3.38

2.57

3.80

3.53

4.04

3.77

3.04

3.31

2.82

3.70

3.53

Performance Stringent Applications

3.64

3.48

2.55

3.53

3.79

3.34

2.22

3.73

3.57

3.97

3.78

2.94

3.62

3.02

3.70

3.54

Multivendor Networking Environment

3.42

3.37

2.65

3.32

3.18

3.30

2.47

3.60

3.13

3.91

3.40

3.23

2.99

2.66

3.56

3.35

Remote Branch Office With Corporate HQ

3.67

3.50

2.53

3.58

3.81

3.36

2.30

3.77

3.58

4.01

3.78

2.95

3.57

3.04

3.69

3.53

Wired-Only Refresh/New Build

3.34

3.56

2.87

3.61

3.76

3.50

2.70

3.77

3.35

3.96

3.76

3.56

N/A

N/A

3.80

3.29

WLAN-Only Refresh/New Build

3.84

3.51

2.52

3.61

3.66

3.25

2.60

3.77

3.50

4.06

3.66

2.81

3.89

3.26

3.60

3.64

As of November 2017

Source: Gartner (November 2017)

To determine an overall score for each product/service in the use cases, multiply the ratings in Table 2 by the weightings shown in Table 1.

Evidence

For this research, we considered:

  • More than 480 access network-related Gartner client inquiries over 12 months ending May 2017

  • Vendor questionnaire responses and vendor briefings conducted during the product evaluation period and conducted specifically for this document

  • A survey of 113 vendor-provided client references

  • Other publicly available vendor product and service information, and interaction with other Gartner analysts who have conducted inquiries or research relevant to this area

1 Riverbed previously offered WLAN via hardware it acquired with Ocedo in January 2016. For this Critical Capabilities document, Gartner scoring is based on Xirrus' WLAN capabilities.

Critical Capabilities Methodology

This methodology requires analysts to identify the critical capabilities for a class of products or services. Each capability is then weighted in terms of its relative importance for specific product or service use cases. Next, products/services are rated in terms of how well they achieve each of the critical capabilities. A score that summarizes how well they meet the critical capabilities for each use case is then calculated for each product/service.

"Critical capabilities" are attributes that differentiate products/services in a class in terms of their quality and performance. Gartner recommends that users consider the set of critical capabilities as some of the most important criteria for acquisition decisions.

In defining the product/service category for evaluation, the analyst first identifies the leading uses for the products/services in this market. What needs are end-users looking to fulfill, when considering products/services in this market? Use cases should match common client deployment scenarios. These distinct client scenarios define the Use Cases.

The analyst then identifies the critical capabilities. These capabilities are generalized groups of features commonly required by this class of products/services. Each capability is assigned a level of importance in fulfilling that particular need; some sets of features are more important than others, depending on the use case being evaluated.

Each vendor’s product or service is evaluated in terms of how well it delivers each capability, on a five-point scale. These ratings are displayed side-by-side for all vendors, allowing easy comparisons between the different sets of features.

Ratings and summary scores range from 1.0 to 5.0:

1 = Poor or Absent: most or all defined requirements for a capability are not achieved

2 = Fair: some requirements are not achieved

3 = Good: meets requirements

4 = Excellent: meets or exceeds some requirements

5 = Outstanding: significantly exceeds requirements

To determine an overall score for each product in the use cases, the product ratings are multiplied by the weightings to come up with the product score in use cases.

The critical capabilities Gartner has selected do not represent all capabilities for any product; therefore, may not represent those most important for a specific use situation or business objective. Clients should use a critical capabilities analysis as one of several sources of input about a product before making a product/service decision.