Aruba Vs. Cisco Intelligent Edge Face-Off, Why Aruba ESP Is Smarter: Keerti Melkote

Keerti Melkote, founder and president of Aruba, a Hewlett Packard Enterprise company, says Cisco simply does not have an answer for Aruba’s AI-based Edge Services Platform.


An AI Advantage For HPE Aruba ESP Vs. Cisco

Aruba founder and President Keerti Melkote told CRN that rival Cisco lacks the artificial intelligence muscle to compete against Aruba’s Edge Services Platform.

“What we compete against on a day in and day out basis is either Meraki or Cisco DNA, but the reality is neither one of them solve the problem the way we do,” said Melkote. “They don‘t have AI . Neither system has AI at the heart of it.”

Aruba’s cloud-native AI and security capabilities built into its unified edge to cloud ESP platform is in sharp contrast to Cisco’s multi-product edge to cloud offering, said Melkote.

Sponsored post

“They don’t have the AI and security capabilities that we believe is fundamental to this ESP vision,” he said. “Automation is at the heart of it. And automation with AI is the bet we made on ESP. That piece Cisco simply does not have: neither in Meraki or DNA.”

The breakthrough Aruba ESP is an intelligent edge to cloud central nervous system of sorts that can analyze data across edge, wired and wireless networks, identify any issues or abnormalities and self-optimize with its AI capabilities. In addition, Aruba ESP can also find and secure unknown devices on the network.

Cisco, for its part, in the summer closed its acquisition of ThousandEyes, which aims to provide “actionable intelligence” from the edge to the cloud. Cisco has said it will incorporate ThousandEyes capabilities across it core Enterprise Networking and Cloud and AppDynamics portfolios.

“Cisco has a product by product silo versus [the Aruba ESP] platform,” said Melkote. “Different products have their own ways to manage, monitor and troubleshoot and there‘s really not a common architecture that brings it all together across campus and branch, across wired, wireless and WAN, across infrastructure, security and AI.”

What is the Aruba vision for the intelligent edge?

At the highest level, there is a big shift in enterprise architecture from what used to be a data center-centric world with all the intelligent property and intellectual property inside the data center. The enterprise IT landscape was around bringing all the users and devices to the data center. That is how all companies historically were built.

Today it is very clear that applications are no longer just in the data center. They are in the cloud—be it private cloud or public cloud or SaaS. But it is a totally distributed landscape in terms of applications.

The edge likewise is also fully distributed. It is no longer just offices. It is very clear that we’re taking calls from homes. So the home is like the branch office now. We’re all working from home. And so work has been reimagined. And it’s not just users. It’s any place where people are engaging machines or are engaging in doing productive work like factory floors, warehouses, kitchens and restaurants.

Everyplace has a front office, which is where you serve your customers and the back office, which is where you make your stuff. So we saw the edge as the place where there is going to be significant growth, driven by the need for the highest-level digital transformation, acceleration to the cloud and driving more operational efficiencies and better customer experiences.

So we just felt at that point that there was going to be vast amounts of technology and infrastructure spend to improve businesses. Technology is going to be at the heart of every business. There is no longer a business that is not a technology business. If you are not a technology business, you are likely not going to be in business. That’s my fundamental belief.

As a result, we reimagined what does it take for an enterprise to be this edge to cloud natively. And we just realized that is a departure from any anything we have done in the past. What got us here will not get us there in the future. That was a fundamental realization.

So we started to say, ‘How do we do things differently?’ We basically started with Aruba and said, ‘Why not take everything wireless? Why does everything have to be plugged in and wireless is an overlay? Wireless should be the primary [network].’

The same thing applies to the wide-area network. Wide-area networking should be all over the internet. Then we need to build out MPLS so we can actually create this SD-WAN that is a flexible overlay that connects all the edges to all your applications in the cloud. That is a disruptive approach. Every time, we have taken a disruptive approach and basically said there is a much better way. Even with switching we did that. We basically said that switching is the backbone but it hasn’t been reimagined. With Aruba CX Switching we reimagined the switching layer.

Our edge to cloud platform is really is the infrastructure for the next decade. That is how we think about it. And, and as you deliver infrastructure for the next decade today, it needs to be totally flexible.

It needs to be as a service consumed from the cloud. If customers want it on-premises—and there are many customers who still want it on-premises because there might be regulatory issues or loss of the land, which means the data cannot leave the country, which requires you to be on-premises or you might have other constraints that require you to have an air gap between the internet and your operations. The federal government and DOD [Department of Defense] is an example of that.

So we want it to be flexible. Of course cloud, but also on-premises. And finally, consumption-based. So you meter it and you buy it based on the drink as opposed to having to put down a lot of Capex infrastructure up front.

How do you solve for that in an imaginative future-oriented world? And I just fundamentally believe edge is where the pivot point is for making these intelligent decisions. That’s the reason we made the bet on the intelligent edge.

Silver Peak is a great addition to the portfolio to allow us to continue to make very smart, intelligent decisions from the edge to the cloud.

What are the fundamental architectural differences between Aruba’s intelligent edge offering versus Cisco Meraki?

So why are we different from Cisco, which is our primary competitor? We call it the Aruba Edge Services Platform [ESP]. It is basically fundamentally cloud-native. We started with the assumption that the customer will want their hardware to be migrated to the cloud and be operable from an on-premises software layer? So how do we solve for that?

Cisco isn‘t there. Cisco started with, ‘If you want to go to cloud, you go buy Meraki. If you want on-premises you buy DNA.’ That’s their story. The hardware, the switches, the access points, the gateways and the routers are completely different portfolios. And they don’t mix. They really don’t bring the two together. If you want cloud, you go buy this thing [Meraki] but if you changed your mind and want to go on-premises or have a specific to go do on-premises you can’t do that with Cisco [with a single platform].

It’s a forklift upgrade basically that says, ‘You have got to rip and replace to get back to on-premises or vice versa.’ If you’re going from on-premises to cloud it‘s a rip and replace. And we can solve that fundamentally impossible proposition for customers. Because nobody can rip and replace overnight, especially these days.

So we wanted to start with the assumption that customers will want flexibility and choice. So how do we build a solution that allows them to do both [on-premises networking and cloud networking] but not necessarily buy two different things. It‘s the same thing, just delivered different ways. That’s what [Aruba ESP is. It’s built to be cloud-native. It’s built to be SaaS-based. But if a customer says, ‘You know what, I can’t do it. I need some part of it on-prem.’ We absolutely will do that without asking you to change your access points, your switches, your gateways and routers. That’s a pretty fundamental architectural difference between the the two companies.

What do you see then as the fundamental competitor to Aruba ESP in the Cisco portfolio?

What we compete against on a day in and day out basis is either Meraki or Cisco DNA, but the reality is neither one of them solve the problem the way we do. They don‘t have AI. Neither system has AI at the heart of it. Meraki you can claim is cloud-native. But then, if, if a customer like Lowe’s says, ‘I want my office to be on-premises management, but all my branches I want to be cloud-based.’ You have to buy two things from Cisco. With Aruba, it is one thing [Aruba ESP].

With Cisco, you would have to buy Meraki for the [Lowe’s] stores, you would then buy DNA for the campus and Viptela for the SD-WAN. It is three different things. They don’t necessarily connect to each other. And even if they did they don’t have the AI and security capabilities that we believe is fundamental to this ESP vision. Automation is at the heart of it. And automation with AI is the bet we made on ESP. That piece Cisco simply does not have: neither in Meraki or DNA.

This AI [experience] was a result of some of the acquisitions we did. We acquired Rasa [Networks in 2016]. We acquired Niara [in 2017] and Cape [Networks in 2018]. We don’t sell those products separately. We have integrated that into the ESP platform. So you get the network insights. You get the security insights. You get all of that through the ESP AI Ops tier, which neither Meraki nor DNA have.

What is the difference between the Cisco security and the Aruba security?

Cisco has a product by product silo versus [the Aruba ESP] platform. Different products have their own ways to manage, monitor and troubleshoot and there‘s really not a common architecture that brings it all together across campus and branch, across wired, wireless and WAN, across infrastructure, security and AI. There are three different dimensions in which you need to bring it all together. And those dimensions have not come together within Cisco.

You spoke about an Aruba customer that saved 600 hours of maintenance on a [Cisco] network down to six hours. What contributed to that 600-hour ROI savings?

That was directly a customer quote. The customer had Cisco wireless before. They were operating Cisco wireless. It was not built to be a nonstop network. What ‘nonstop’ means is you never stop the network for any reason—not for things failing in the network, not for upgrading the network, not for troubleshooting the network. The network simply just continues to work. The platform must continue to work.

With most systems and Cisco wireless in particular, they don‘t have a nonstop operational model. And we do. What that means is that you never have to really bring the network down, even to perform software upgrades, which is a big part of what you have to do. You want to keep your network fresh. You want to keep upgrading your software. You want to take the code the vendors put out and upgrade it. But every time you do that there’s a maintenance window, and the maintenance window is typically 24 hours. Then there are other issues such as downtime: access points go down or controllers go down or switches go down and when that happens the question is how much time do you put in to actually upgrade or change the architecture or replace hardware.

Taken together, that customer experienced 600 hours that effectively the network was down—out of commission. And with Aruba, they reduced that down to six hours and that was planned maintenance. That’s it. That’s remarkable. It‘s a real-world example of the amount of time that a network operator gets back.

That’s fundamentally it. It is about reducing the time on mundane tasks like keeping the network running, and giving them the time to do more advanced things like really go help your business, transform your business, automate your business. Do something that has higher value than just troubleshooting and fixing network issues.

What is the engine that allows Aruba to be nonstop?

The product is ArubaOS. This is the software that we’ve been building from day one.

If you look at ESP —ESP is a platform. The components of ESP at the infrastructure layer are AOS [Aruba Operating System]. At the security layer, it is ClearPass. At the AI Ops layer, it is Aruba Central. I am simplifying it for you but those are the three core elements.

This [Aruba nonstop network advantage] is about taking ArubaOS, making it highly robust and highly nonstop. We‘ve been at it for 18 years now. That has been all additive. We’ve added adaptive radio management. We’ve added client manager. We’ve added clustering. We’ve added zero touch operations. We’ve added software upgrades. I can keep going in terms of capabilities that build on each other. That is why I fundamentally believe the distance we have between us Cisco is vast.

It shows itself off in these kinds of value propositions to customers. So, to answer your question, it is our software operating system AOS that allows nonstop, reliable network operations to happen in wireless, wired and now with Silver Peak in SD-WAN as well.

How much simpler is the Aruba architecture for the intelligent edge, and what is the ROI difference?

What is the fundamental ROI difference between Aruba and Cisco in terms of building a next-generation intelligent edge platform?

This has been a multiyear journey for us, getting the foundational operating system to be re-architected and rebuilt with availability and high ROI in mind.

What Cisco tries to do architecturally is they take the mobility wireless traffic and try to put it on the switch infrastructure. Everything points to a switch in the Cisco architecture. We are exactly the opposite.

The switch is the transport. But the intelligence doesn‘t need to land on a switch. The intelligence needs to be in the software. And that software is delivered in the form of on-premises code on the controllers, and through the cloud with ESP. It’s unified and integrated. That’s the difference. Cisco really doesn’t have a similar comparison, if you will. Architecturally they are very different. And that makes it very complex.

To me the way to deliver availability and reliability is to follow the KISS principle: Keep It Simple. Cisco is not simple. They‘re very complex, and when it things get complicated it’s very difficult to manage. It’s very difficult to troubleshoot. It’s very difficult to keep things up in a reliable manner. We try to not do that. We try not to mix our drinks, if you will, and keep the wireless thing going, keep it going well. Keep the switching thing going, keep it going well. Of course they meet, but we’re not so tightly intertwined that one problem in one system causes problems in the other system. it’s actually kept simple with a purpose, to make it very reliable.

What are you seeing in terms of real-world scenarios for customers in terms of the nonstop performance of Aruba versus Cisco?

I can only relay what customers tell me, which is that once they have migrated from Cisco to Aruba their downtimes have gone down dramatically. The system just works. I don‘t have to pet it all the time or keep taking it down and maintain it for maintenance. That is fundamentally it.

The 600 hours to six hours was a dramatic sort of ROI concretely expressed in terms of time savings. This was from a customer, by the way, who actually had used nothing but Cisco in the past. And they were very, very nervous about going with an Aruba decision because they never played with Aruba before. This was their first foray. But now, this customer says, ‘I have now had an Aruba in the network for four years, and I couldn‘t have made a better decision. I’m very, very happy with it.’

I‘ll send you the quote. It’s on Reddit, actually. I’ll send you the quote that actually was posted there so you can see for yourself what customers are saying,

Have you named the customer?

In this case, I cannot name the customer. They did not want to be named, but it is a super-large multinational recognizable Fortune 100 type company.

Did that deal originate four years ago?

Yes. There was a POC [proof of concept] they went through, obviously a deep proof of concept. Customers take time to refresh, as they refresh properties, as they refresh buildings, etc. They are going through that process of moving to Aruba, and so this was a customer that said the experience has been remarkable in terms of how much more time they get back.

You’ve been competing with Cisco for 18 years now. What is the difference in the win rate now versus when you started?

First off, we used to win when we engaged. The problem for us was we did not have enough at bats. That was when we were a smaller company. With HPE now we have the at bats and therefore the win rate has obviously gone up dramatically in the last couple years that we‘ve come together with HPE.

That is the difference. We have a lot more at bats and therefore our win rate has gone up. Because when you put us head to head, we can win, eight out of 10 times we can win, but we just did not have enough at bats. Now we do.

Has the pandemic increased the Aruba win rate versus Cisco?

With the pandemic customers struggle with doing POCs because it requires physical access to labs and equipment. The first few months of the pandemic everybody was locked down, dealing with it and working from home. Even that was very helpful because we had our solution for work-from-home. So many of the customers actually adopted APs [access points] for their home environment, which is very important. That is probably the most important product for Aruba and for our customers and for our partners going into the next fiscal year.

Work-from-home has become a strategic imperative. Hybrid work is the way of the future. I think people will reconstitute how we work, cultures will change with how we adapt to this work-from-home and going to a workplace. And so the remote AP and Aruba work-from-home product has become very important in a post-pandemic kind of world.

But now we‘re beginning to see POCs come back, where people are evaluating equipment in labs and, you know, doing the right social distancing norms, and even in that scenario Aruba Wi-Fi can help you keep track of social distancing and ensuring that the workplace itself is safe.

So in both scenarios—work-from-home and work-in-the office—Aruba is showing that it is relevant in the post-pandemic world.

What is the call to action for partners on selling work-at-home Aruba solutions?

We have a cloud-native architecture so work-from-home is part of ESP. All partners need to do is to take our remote access points and position that for the home environment. It is cloud-native so they can set up the virtual gateways to connect to the cloud using Aruba ESP. That is the fundamental offer: remote APs. There is not a competitive equivalent in the market right now. And typically what solution providers must do is position work-from-home, and what customers are looking for is strategically to also pair that with a broadband connection to the internet that is actually reliable. So the key to that is partnering with a Comcast or an AT&T or Verizon that brings the broadband connection and layers the remote AP solution on top of it to create that reliable, always-on network experience. The non-stop Wi-Fi experience that corporations get in the office you can get in your home. That‘s the value. You can imagine how extremely important that is today.

What is the average cost of the typical solution given that many work-at-home customers are having networking troubles right now?

On average, depending on the model you buy the cost is $300 to $500 per home. It’s actually not very expensive. It is super easy. So you can roll it out to hundreds of these. And we have done that.

By the way, to make it easy, you don’t need IT at the home endpoint to deploy it. The employee can deploy it themselves. It is a complete zero touch operation from beginning to end from an IT perspective. It is super simple to set up and deploy so you can get the highly reliable Wi-Fi connection.

So it‘s not very expensive. It replaces the VPN. It gives you a much more stable, reliable internet experience. And I think that’s very, very important low-hanging fruit for partners to go take advantage of.

Vancouver Clinic is a good a good use case. In that case, it was all call center agents that needed to take calls from home. They needed a strategic infrastructure. VPN was not going to fit the bill. They needed the whole work-from-home setup. And so with the [Arbua] Remote AP they were able to do that overnight. Eighty percent of their call center agents were able to start working from home. So the call to action is that the pain is real. It‘s now. The need is real.

Customers are willing to listen to alternative stories [to solve pandemic work-from-home issues]. Partners should get familiar with the Aruba hybrid work offer, go position that especially in the work-from-home use cases. And finally offer it as a service. Don‘t just offer it as a product. It has a software component to it. Solution providers can take the Remote AP, take a broadband line, take the software to operate it, and wrap it together in a managed service. We’ll help them do that and it becomes a recurring revenue opportunity for their customers and for themselves.

What is the difference between Silver Peak and how you are integrating that versus Cisco Viptela?

The good news is Silver Peak is already cloud-ready. You can deploy it now. It follows the same Aruba principles: If you want it on-premises you can have it on-premises; if you want it in the cloud, you can have it in the cloud. We do not make that choice. The customer makes that choice. We will serve them in both situations with the same software and the same hardware. That is very important. We are not going to flip the game on the customers. That’s very important.

The first point of integration will be ClearPass because customers are saying, ‘I need a way to secure the edge.’ And with ClearPass and Silver Peak they will have a solution that is better than any firewall can give you. Because you can secure your IoT, your users, your devices, and your network. It’s not just about network security, which is what firewalls do. It’s about securing everything at the edge. And that’s what we do. That’s fundamentally different from Viptela, from Palo Alto [Networks], from anybody else in the marketplace. So the first point will be to integrate with ClearPass.

The second point will be to integrate with Aruba Central in a way that is simple and easy for customers to embrace Silver Peak. So they can get into Aruba Central and launch Silver Peak without forcing some sort of a Frankenstein integration. That is not the goal. The goal is to keep it simple. It works. What customers tell me about Silver Peak versus a Viptela or anybody else is, “It just works.’ It is reliable. It works. And wide-area networks are the fundamental backbone of networks. If things go down, your business stops. You can‘t do that. Silver Peak just works. We’re going to keep it that way. And we will have the integration points between Aruba with ClearPass on one side for security and Aruba Central on the other side for the AIOps.

When will ClearPass and Aruba Central be integrated with Silver Peak?

ClearPass we hope to be able to deliver that within the next six months and Aruba Central probably in the next 12 months.