How do Aerohive 802.11ac AP products compare with competitor's offerings? #InfoneticsWebinar

  • 1
  • Question
  • Updated 3 years ago
  • Answered
  • (Edited)
How do Aerohive 802.11ac AP products compare with competitor's offerings, such as Cisco Meraki, Ruckus, Uniquity, etc?


Photo of Alex Cher

Alex Cher

  • 2 Posts
  • 0 Reply Likes
  • Excited

Posted 4 years ago

  • 1
Photo of Lisa Anthony

Lisa Anthony

  • 3 Posts
  • 0 Reply Likes
Rookie Response:

The Key advantage is controler-less edge management - This allows for easy expansion and upgrades and less stress on LAN w/ loads of user management options
Photo of ecujak


  • 1 Post
  • 0 Reply Likes
What does that have to do with 802.11ac?   
Photo of Crowdie

Crowdie, Champ

  • 965 Posts
  • 270 Reply Likes
It is really easy to focus on access point performance, particularly the so called "bake off" speed tests but in reality it is actually not that important.  If one wireless vendor's access point is 5% faster but lacks the post authentication feature set required for the customer's future development is that wireless vendor a wise choice for that customer?

Having worked with Aerohive, Cisco Meraki ,Ruckus and Ubiquiti here are my thoughts on all four vendors:

  1. Does not require the deployment of wireless LAN controllers.
  2. Supports true role based access control out of the box.  There is no need to add additional servers, such as Aruba's ClearPass or Cisco's Identitiy Services Engine, although both the previously mentioned products do have more features than Aerohive's HiveOS.
  3. Features a layer seven (application aware) firewall with deep packet inspection in every access point.
  4. Has a mid range WIPs solution in each access point.
  5. Supports up to sixteen Private PSK groups (each with unique validity periods) per SSID.
  6. Extremely feature rich but is starting to become dependent on cloud-based licensed products, such as ID Manager and Client Management, which is a move away from Aerohive's original ethos of "everything in a box without additional licenses".  Having these services, or even "lite" versions of these services, available for on-premise HiveManager deployments would be great.
  7. With the end of life notice for the last single radio access point Aerohive can be a little pricey in comparison to products such as Ubiquiti for small deployments.
For post authentication client manipulation Aerohive is hard to beat.  Features such as client classifiers are not offered elsewhere without expensive add-on services and Private PSKs are still an excellent guest option.  The introduction of ID Manager resulted in no further development of the excellent User Manager and this looks set to continue, which is disappointing.  Adding the ability to restrict Private PSKs to non-similar characters and the ability to E-mail the Private PSKs when they change would resolve two of the biggest issues with User Manager. The Client Management product looks like it has potential but, like the ID Manager product, requires further development to be a real threat to products like Aruba's ClearPass and Cisco's Identity Services Engine.  Overall Aerohive is an excellent product but its price point can put it out of reach of some smaller deployments.

Cisco Meraki

  1. Extremely quick to configure but lacks a lot of "depth" with most features not being very configurable - commonly it is on or off.
  2. Has a dependence on having to be in constant communication with the Meraki cloud controller.  A number of features become unavailable if communication is lost.
  3. A number of features require the MX security appliance so you always need to factor in one of these.
  4. Lacks some basic features you would expect to have with an enterprise wireless network:
  • Does not have the ability to disable all 802.11b data rates (1, 2 and 5.5 Mbps can be disabled but not 11 Mbps).
  • The mandatory (basic) data rates used for the transmission of broadcast and multicast traffic cannot be configured (or even seen).
  • The spectrum analysis tool cannot be run on an access point with clients actively connected.

For the price point the Cisco Meraki offering is a little disappointing.  The feature set is better suited for a lower price point.


  1. The coverage area of the Ruckus access points with integrated antennas is second to done.
  2. The 120 degree internal antennas help reduce co-channel interference and channel utilisation by not propagating signal in the standard circular propagation pattern of the omni-directional antennas commonly used in access points.
  3. Has a "zero touch" BYOD provisioning feature which, while not perfect, is rather good.  Currently has issues with Android deployments but, unlike other vendor offerings, does not require per client licensing (hint hint Aerohive).
  4. Does not have a layer seven (application aware) firewall and all firewall rules (as well as rate limits, etc.) are applied per WLAN rather than per user type (as with Aerohive).
  5. The Dynamic PSK feature is let down by only being able to define one validity period per wireless LAN controller.
  6. Has more functionality than Cisco Meraki but not as much as Aerohive.
The Ruckus product is very popular in the education sector in my country as the number of access points required to provide total coverage across the campus is less than other vendors due to Ruckus' adaptive antennas.  Ruckus is let down a little by the lack of functionality in their ZoneDirector wireless LAN controllers so is better suited to less complex wireless deployments.

4.  Ubiquiti

  1. The Ubiquiti access points have huge coverage areas for access points with integrated omni-directional antennas.  However, in independent testing the client throughput dropped very quickly as additional clients authenticated to the access point.
  2. Is controlled by a software based wireless LAN controller.  The current release version (2.x) only supports a single site but a candidate release of the multi-site version (3.x) is currently available.  A cloud management version (4.x) is coming but, as version 3.x is currently still a candidate release, it is safe to assume it will not be in the next few months.  The software based controller installs itself into the Windows profile of the account used to install it, which is an issue if you are installing it onto Windows Server.  The software controller works with Windows Server 2003 (ignoring the profile issue, which can be a major issue) but we have had issues with its Java requirements under Windows Server 2008 and we had not been able to get it to work at all under Windows Server 2012.
  3. Authentication is limited to 802.1X using RADIUS attributes for role assignment, PSK authentication, external captive portals and a voucher based hotspot solution.
  4. Has no WIPs or firewall functionality.
  5. Some models have no console port so on-site fault finding can be extremely difficult.
  6. The Ubiquiti PRO dual radio access points, including an 802.3af PoE injector, sells for a little more than a top of the line 802.3af PoE injector sells for.
The Ubiquiti wireless solution is sold as an enterprise product but it quite clearly isn't.  However, with the absolutely fantastic price point (including a free software based wireless LAN controller) it is hard to beat for basic wireless deployments such as small shops, student flats, etc.

These are my thoughts on these products but what do you think?
Photo of Alex Cher

Alex Cher

  • 2 Posts
  • 0 Reply Likes
Wow, Crowdie! Thanks for this thorough response. Very good info.
Photo of Jonathan Van Der Zee

Jonathan Van Der Zee

  • 1 Post
  • 0 Reply Likes
Thank you for this write up.  Very good information.
Photo of nx u

nx u

  • 1 Post
  • 0 Reply Likes
Thanks a lo for this.