Training Services
Get you training Wi-Fi on with training from Wirless experts
Design Services
BBRS Consulting can help you build state-of-the art Wiless Networks
Site Survey Services
Site survey is crucial of the success of WLAN project get it done of wirless experts
Consulting on Mobility Services
Industry-leading skills and methodologies in wirless and our capabilities are unrivalled
Support Services
Your Networks in good hands

Course Overview

Using lectures and labs, the 3-day Scalable WLAN Design and Implementation (SWDI) course builds upon concepts introduced in the Implementing Aruba WLANs course. SWDI covers content enabling the student to understand and implement advanced topics included in Aruba's firewall features such as policy design, authentication and role derivation. Additionally, it covers subject material for building complex networks using Aruba's Remote APs and multi-controller environments based upon the Campus WLAN Reference Architecture 3.3 for network design and redundancy.

Upcoming Classes

Who should attend?

Who should attend: Network engineers responsible for network design and implementation using multiple Mobility Controllers.


  • Aruba Certified Mobility Associate (ACMA) certification required
  • Implementing Aruba WLANs course recommended
  • Ability to provision an Aruba controller with multiple SSIDs, captive portal and 802.1X

Course Contents

This course covers the following topics:

  • Aruba Architecture Review
    • he Aruba Solution
    • Aruba Architecture and Network Design
    • AP Groups
    • Lab Equipment Review
    • Lab: Mobility Controller Setup Wizard
    • Lab: Install Licenses
    • Lab: Configure and test WLANs
  • Wired Access
    • Secure Jack
    • Wired Multiplexers
    • Configuring Secure Jack operation
    • Lab: Configuring secure jack on AP and Controller
    • Lab: Setup Port Policies and Vlan Policies
  • RAP review
    • RAP Introduction
    • New Platform
    • Rap2 and Rap5 Deployment
    • Pre-staging certificate RAPs
    • Zero touch deployments
    • Post Deployment
    • RAP Uplink Bandwidth Reservation
    • Content Security Service (CSS)
    • RAP Local Client Access
    • Troubleshooting
    • Lab: Create ap group RAP for Remote AP
    • Lab: Create spilt-tunnel policy and assign it
    • Lab: Populate white list
    • Lab: Provision the rap2
    • Lab: Test Rap configuration
  • Virtual Internet Access (VIA)
    • VIA Introduction
    • Configuration
    • VIA Requirements and Installation
    • VIA Operations
    • Troubleshooting
    • Lab: Configure VIA access on Controller
    • Lab: Setup VIA client on Laptop
    • Lab: test VIA access
  • Site-to-Site VPN
    • Site-to-Site overview
    • Configuration
    • Troubleshooting
    • Lab: Build VPN between controllers
  • Master/local operation
    • Master/local benefits
    • Inter-controller IPSec
    • Controller specific AP Groups
    • Multi Controller AP Configuration
    • VLAN Pooling
    • Named Vlans
    • AP Termination
    • Remote Node operations
    • Lab: Reprovisioning controllers for master/local operation
    • Lab: Reprorvisioning APs for master/local operation
  • Mobility
    • 802.11 mobility review
    • Single Controller vs Multi Controller
    • L2 vs. L3 mobility
    • Understanding mobility domains
    • Configuring mobility domains
    • Lab: Configure L3 mobility and the home agent table
  • Master redundancy
    • Understanding master redundancy
    • Master Redundancy DB Synchronization
    • Configuring master redundancy and VRRP
    • Lab: Backup your controller’s configuration.
    • Lab: Configure VRRP between the two controllers.
    • Lab: Configure master redundancy.
    • Lab: View Master synchronization and test the redundancy operation
  • Local redundancy
    • Types of AP redundancy
    • Understanding N+1 redundancy
    • Understanding active-active redundancy using VRRP
    • Lab: Configuring local redundancy using active-active and VRRP
    • Lab: Test failover scenario
  • Wireless intrusion prevention
    • L1 attacks
    • L2 attacks
    • Rogue Detection and Containment
    • Threats and countermeasures
    • DoS Attacks
    • Surveillance
    • Impersonation/Man-in-the-Middle
    • Unauthorized Device Detection and Containment
    • Access Monitor
    • Best Practice
    • Management of IDS events
    • Rogue AP detection, location, and containment
    • Lab: Air monitor group creation and provisioning
    • Lab: Rogue containment
  • RFProtect
    • RFProtect features
    • Access Points and Air Monitors
    • Creating Air Monitors
    • Rogue AP detection, location, and containment
    • Rogue Classification
    • Configuring rule based classification
    • L3 Rogue Classification
    • Configuring containment
    • Wireless client “Tarpit” containment
    • Wired Containment
    • Threats and countermeasures
    • Configuring IDS using wizard
    • WebUI Monitoring
    • IDS events logging
    • Lab – Air monitor group creation and provisioning
    • Lab – Rogue containment
  • Mesh
    • Mesh Operations
    • Mesh Solutions
    • Mesh Clusters
    • Configuration of Mesh Portals Mesh Points
    • Remote Mesh Portal
    • Mesh Troubleshooting
    • Lab: Setup a Mesh Network