The Santa Clara, California-based developer emerged from stealth mode in May with a controller-less architecture that puts the control plane out on the individual access points (APs) while deploying a central server only for management functions. It argues that this approach overcomes the tromboning issue of the centralized control architecture of overlaid switched WLANs.

This term refers to the fact that all the traffic in such networks is forced to go all the way from the APs at the edge to the central controller for routing decisions, channel selection and so on, then come all the way back out to the AP, describing the shape of a trombone’s slide. This represents a potential bottleneck as usage grows, particularly when the new higher-bandwidth 802.11n standard is rolled out across enterprises.

Some WLAN switch vendors such as Trapeze and Meru have moved to address this issue with alterations to their architectures, the common thread being to hand off the data plane to a wired LAN earlier in the process, while retaining some degree of control centralized.

Aerohive argues that such approaches are no better than workarounds that, in any case, end up entailing additional cost: Meru, for instance, proposes a kind of sub-controller to be placed further out towards the edge, which means buying another box.

The distributed control model championed by Aerohive harks back to the era of autonomous or fat APs, which preceded the fashion for overlaid switch architectures with its lightweight or thin access points. However, where each fat AP was a law unto itself and, as such, a potential security risk, the HiveAPs coordinate and control among themselves and so act as part of a larger entity, enabling Aerohive to promise the best of both the thin and fat worlds.

First among this week’s announcements is a new point release of the operating system that runs on the company’s devices, version 2.1, which introduces a number of features for scalability. Among these is a capability called Layer 3 tunnel load balancing, designed to address the requirements of networks in which large numbers of endpoints are roaming concurrently between subnets.

The issue around subnet roaming in WLANs is session persistence, since a change of subnet would normally mean a new IP address and, as such, the requirement to re-authenticate. Most WLAN vendors offer L3 roaming between subnets, which uses generic routing encapsulation (GRE) tunnelling back to the original AP on the first subnet to avoid re-authentication.

As the number of WiFi phones grows, however, there is the potential for this to become a bottleneck, with multiple tunnels leading back from a proliferation of handsets to the same AP, and this is what Aerohive is addressing with the load balancing.

“Now we’re using GRE plus some intelligence of our own to share the tunnel processing between all the HiveAPs in a subnet,” said Adam Conway, Aerohive’s VP of product management. “We can do up to 100 tunnels to a given AP, so now we’ve done tunnel load balancing to go to any AP in the first subnet for scalability.”

Also supporting greater scalability is the new HiveManager appliance, which is the central server for management but not control. “Where the previous HiveManager could support up to 500 APs, this one can go up to 5,000,” said Dave Flynn, CEO of Aerohive. The low-end HiveManager is a 1U box with a US list price starting at $4,995 with 25 licenses; the new one is a 2U device starting at $9,995, again with 25 licenses.

Another enhancement to HiveOS 2.1 is what the company calls Dynamic Mesh failover. “All our mesh nodes are on mesh as well as using Ethernet links for failover in the event that the Ethernet connection goes down,” Flynn began. “However, this has required the user to dedicate one of the radios in the node for the mesh capability, whereas now it can be used for mesh on the fly, as required.”

Mesh is another area in which Aerohive feels it differentiates itself from other enterprise WLAN vendors. “We distinguish between enterprise and service provider mesh,” said Conway, “in that mesh for the campus environment is an enterprise product, whereas the service provider variety is for city-wide municipal WiFi projects. Other enterprise WLAN vendors claim mesh capabilities but in reality they are really only one-hop bridges in which all the data is still being routed back through their controller.”

Another resiliency/survivability feature is Remote Office AAA Caching, in which user credentials can now be cached as a hash in the Flash memory on a HiveAP in a branch office, so that if a WAN link goes down a user can still be authenticated and get onto the network in the branch.

Aerohive also announced its 802.11n intentions, entailing the launch, in the first half of 2008, of a portfolio of three APs, one indoor, one outdoor and one ruggedized for harsh/industrial environments. “We’re using the second-generation chipsets, whereas most of our competitors are on the first, so if they move to the second, customers will face the churn issue,” said Flynn.

He argued that most customers are moving to 11n from their legacy fat APs (with Cisco Aironet APs as the market leader) more often than from switched WLANs with lightweight access points, a scenario which again favors Aerohive, in his opinion.

“We can work with these autonomous AP networks, with migration to us requiring no new IP addresses,” said Flynn. In addition, he claimed a unique feature in that Aerohive enables users to roam from legacy fat APs, more slowly than where the infrastructure is end-to-end Aerohive, but at least maintaining sessions so that data applications are not interrupted.

Our View

There has been considerable architectural debate in WLAN over the last year or so. Some of the traditional WLAN switch vendors, who for a few years had ruled the roost and dismissed fat AP vendors as yesterday’s news, have altered their topology to address the challenges of 11n and latency-intolerant apps like VoIP and video.

Meanwhile, Extricom has come from left field to propose a centrally controlled architecture but one in which all the APs are on the same channel, the so-called blanket approach as against the WiFi cell of the mainstream vendors, with Meru joining it in this crusade.

Then there is Aerohive, which actually proposes doing away with the controllers altogether and returning to fat APs, but smart ones that can work together for the greater good.

It may or may not be a superior technical approach, but the real challenge the start-up faces is that, as a new kid on the block, it needs to get enough traction in the market, with some decently-sized reference customers, to be taken seriously. Still, the fact that it secured $20m in its Series B round in July, with Kleiner Perkins Caufield & Byers leading the round, indicates that it is at least interesting enough for a leading VC to risk a punt on its technology.