Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

How To Control Applications On Aerohive WLANs: Page 2 of 2

With your Watchlist defined and pushed to access points on the network, now you get to see the in-use applications of interest called out in the once-empty Dashboard>Applications page. Though Aerohive says it may take 24 hours for application data to show, I have found it to be much quicker on my small network.

As you take in the graphs and counters for the Watchlist applications, you’ll also notice options for editing the view in the Applications perspective and generating reports. This is where you’ll start to make the feature work for you, and can tailor it to your own operational requirements.



(click image for larger view)
app usage over time

Application visibility can demystify what’s happening on your network, which is useful, but you also want some control so that priority applications work properly. Aerohive AVC lets you control traffic at Layer 7, or at the network layers. Here’s an example, but this is an area with a lot of potential options.

You’ll start configuring the “Control” part of AVC by selecting the network you are working with. Find it under Configuration>Additional Settings, and go to “QoS Settings.” Your goal is a new control (I’ll give BitTorrent a low priority as an example), so you want a new Classifier Map, under “QoS Classification and Marking.” This is where you have to know that the plus (+) sign is the door to a new Classifier Map.



(click image for larger view)
Classifier map

When the form for a new Classifier Map comes up, give it a name and description and select “Services.” Again, this isn’t the most intuitive workflow, but it does make sense after you play with it. Notice the familiar plus sign; click it; wait for the list of applications to populate; and choose the ones that you’d like to take action on, such as the BitTorrent example. Say OK when done selecting applications, and then choose what how you’d like to handle them.

You have a range of options available, including application prioritization and blocking. You can apply more granular controls using role-based actions.



(click image for larger view)
Set policy

Save your configurations, make sure you choose your new QoS map, and save until you are returned to the Configure Interfaces & User Access page. Finally, update the device settings for your APs (don’t forget the reboot), and everything you just did is now active.

You now have tasted Aerohive’s AVC. HiveManager yields almost infinite permutations that fall under the headings of visibility and control. Before you start applying controls, make sure you have a sense of just what you’re trying to achieve, as you can get lost in the possibilities. It’s also always a good idea to have well-defined policies written down before you start making things happen in the real world.

The policy controls outlined here are just the start. I haven’t even touched the likes of application firewall settings and rate limiting. You can get an overview of other Aerohive features here [PDF].