SmartZone

/ ZoneDirector
smartzone benefits
ZD 9.13 / SZ 3.4

Scalability – As a carrier-class solution, the SmartZone platform was architected to

serve very high-scale networks with fewer controller nodes, easier management, and
centralized control. The multi-zone hierarchy provides deployment flexibility for up to
30,000 APs and 300,000 clients in one cluster.

Active Clustering – Ultra scalability meets simple redundancy with an active:active

cluster design that allows operators to add or remove nodes on demand. APs are
balanced across the cluster with no “passive” nodes sitting idle as wasted capacity
or cost. The entire cluster can also be backed up as a snapshot and stored offline.

Hardware or Virtual – With such diversity in business, financial, and operational

requirements driving Wi-Fi network design, SmartZone was built as a flexible
platform, which can be run on-site or off-site, in a public or private cloud, as a
hardware or virtual platform, or for very small or very large networks.

Tunnel Capacity – Individual SmartZone nodes can deliver up to 10Gbps of data

throughput, with a full cluster capable of up to 40Gbps. APs can also bridge traffic
locally, providing full flexibility for either distributed network designs or centralized
designs. A virtual data plane option also exists (extra cost) for the virtual SmartZone.

Flexible Licensing – Licensing is cloud-managed and can be moved (by the

customer) from a virtual to a hardware (or vice versa) SmartZone. AP licenses are
shared among cluster nodes, eliminating redundant controller licenses. And, for
phased rollouts, licenses come in single increments to avoid stair-step costs.

Integration with APIs – With a commitment to 3rd party management, monitoring,

reporting, logging, and various other integration tools, SmartZone comes with an
API ever-increasing compliment of public APIs that are shared with partners, service
providers, and customers for their unique requirements.

Built-In Reporting – SmartZone utilizes a clustered database to provide up to 30-

days of integrated reporting at zero cost. Customers can also integrate their own
reporting tools or utilize Ruckus’ SmartCell Insight platform for longer-term and
custom reporting needs.

Survivable Design – Enabling customers in a variety of network scenarios, the

SmartZone design puts a premium on AP intelligence and survivability, allowing
authentication, RF optimization, data security, mesh, and a long list of other features
to continue operating normally, even if the SmartZone is unreachable by APs.

Ruckus Proprietary and Confidential Ruckus Wireless | Jun 2016 | 1

SmartZone / ZoneDirector
product comparison
ZD 9.13 / SZ 3.4
vSZ is one product
with two modes

Solution Overview
vSZ - E vSZ - H
Feature SZ100 SCG200 ZoneDirector
(Essentials) (High-Scale)

75 / 500 /
Single Node Scale (AP count) 1,000 1,000 10,000 10,000
1,000

Single Node Scale (Client Count) 25,000 25,000 100,000 100,000 2K / 10K / 20K

Active Clustering with Redundancy 3+1 3+1 3+1 3+1 -

Cluster Scale (AP count) 3,000 3,000 30,000 30,000 -

Cluster Scale (Client count) 60,000 60,000 300,000 300,000 -

Standby Controller Redundancy - - - - 1:1

Unified for Unified for Unified for

Centralized Management Console Unified for Cluster FlexMaster
Cluster Cluster Cluster

Multi-Tenant Management - - ✔ ✔ -

SPoT Integration ✔ ✔ ✔ ✔ ✔

SCI Integration ✔ ✔ ✔ ✔ ✔

FlexMaster Integration - - - - ✔

Web Services API (public) ✔ ✔ ✔ ✔ -

Tunneled Data Capacity 10 Gbps - - 20 Gbps 1 Gbps

License Purchasing Model Per AP Per AP Per AP Per AP AP Bundles

License Pooling on Cluster ✔ ✔ ✔ ✔ -

Cloud or Cloud or
License Management Cloud or Local Cloud or Local Local
Local Local

(4) 10GbE data

SZ104 – (4) 1GbE
(2 ea) 1GbE
Appliance Port Count SZ124 – (4) 1GbE - - (2) 1GbE
ctrl/mgmt/
+ (2) 10GbE
cluster

1 or 2
Redundant
(1) Ctrl/Mgmt/ 1 Redundant
Ports per Plane
Port Groups Data - - Group (Ctrl/
(Ctrl/Mgmt/
(2) Ctrl/Mgmt + Mgmt/Data)
Cluster/Data)
Data)

Advanced Data Plane (i.e. TTG,

- - - ✔ -
SoftGRE, Q-in-Q, 3rd Party Tunnel

Controller Deployed Behind NAT

✔ ✔ ✔ ✔ ✔
(with remote APs)

GUI Search Technology Elastic Elastic Filtering Filtering Elastic

Ruckus Proprietary and Confidential Ruckus Wireless | Jun 2016 | 2

SmartZone / ZoneDirector
feature comparison
ZD 9.13 / SZ 3.4

Wireless Performance Security

Feature SmartZone ZoneDirector Feature SmartZone ZoneDirector

BeamFlex ✔ ✔ DPSK ✔ ✔

ChannelFly ✔ ✔ ZeroIT - ✔

ChannelFly Run/Stop - ✔ Hotspot 2.0 Rel1 ✔ ✔

Auto Channel (BGscan) ✔ ✔ Hotspot 2.0 Rel2 ✔ ✔

SmartMesh ✔ ✔ Integrated AAA ✔ ✔

PD-MRC ✔ ✔ Local User Database ✔ ✔

Transmit Beamforming ✔ ✔ Controller or AP as

✔ -
RADIUS (NAS) Client
AirTime Fairness ✔ ✔
Direct .1X Auth to AD/LDAP ✔ -
WMM ✔ ✔
802.11w MFP ✔ -
Band Steering ✔ ✔
L2 MAC Filter ✔ ✔
Band Balancing ✔ ✔
Same-AP Client Isolation ✔ ✔
Load Balancing ✔ ✔
Full Client Isolation ✔ ✔
SmartRoam ✔ ✔
L3-4 ACL ✔ ✔
PMK Caching ✔ ✔
Role-Based ACL ✔ ✔
802.11r/k ✔ ✔
Application (L7) Blocking ✔ ✔
802.11v ✔ ✔
Full Administrative RBAC ✔ -
Capacity-Based
✔ - RADIUS Failover ✔ ✔
Admission Control

User Rate Limiting ✔ ✔ OS Policies ✔ ✔

Background Scanning ✔ ✔ Rogue Detection/Report ✔ ✔

DFS Channel Support ✔ ✔ WIPS Rogue Containment ✔ ✔

Channel Blacklisting ✔ ✔ Management ACL ✔ ✔

WMM-PS (U-APSD) ✔ ✔ MAC Auth WISPr Bypass ✔ ✔

WMM Admission Control - ✔ 802.1X MAC Auth with

- ✔
Guest VLAN Fallback (port)
VLAN Pooling ✔ ✔
Dynamic VLAN
Unicast to Multicast Assignment – 802.1X / ✔ ✔
✔ ✔
Conversion WISPr

Video QoS Heuristics ✔ ✔ Realm-Based Auth Routing ✔ -

DHCP Relay ✔ ✔ Proxy ARP ✔ ✔

Ruckus Proprietary and Confidential Ruckus Wireless | Jun 2016 | 3

SmartZone / ZoneDirector
feature comparison
ZD 9.13 / SZ 3.4

System Features Management

Feature SmartZone ZoneDirector Feature SmartZone ZoneDirector

Bonjour Gateway ✔ ✔ SNMP ✔ ✔

Application Visibility (DPI) ✔ ✔ Email Notifications ✔ ✔

Indoor Maps - ✔ Alarms ✔ ✔

Outdoor Maps ✔ - Events ✔ ✔

Spectrum Analysis - ✔ Syslog ✔ ✔

AP Packet Capture ✔ ✔ Public API ✔ -

LLDP on APs ✔ ✔ IPv6 – Control Plane ✔ ✔

Client OS Fingerprinting ✔ ✔ IPv6 – Data Plane - ✔

Ekahau BLINK - ✔ Mobile App – ZD Remote - ✔

Aeroscout Tag Support - ✔ Mobile App - SWIPE ✔ -

AP Mgmt VLAN Tagging ✔ ✔ Admin Audit Log ✔ -

AP Survivability Integrated Reports ✔ -

SpeedFlex Speed Test ✔ ✔

Feature SmartZone ZoneDirector

Data Bridging by AP ✔ ✔
Guest Access
BeamFlex ✔ ✔
Feature SmartZone ZoneDirector
Adaptive Mesh ✔ -
WISPr Hotspot ✔ ✔
802.1X Authentication ✔ -
Integrated Guest Portal ✔ ✔
ChannelFly and BGscan ✔ -
Integrated HTTPS Portal - ✔
Band Balancing ✔ ✔
Integrated Guest Passes ✔ ✔
Load Balancing ✔ -
Web Authentication ✔ ✔
Bonjour Gateway ✔ ✔
Guest Self-Registration - ✔
Application Visibility ✔ ✔
HTTPS redirect ✔ ✔
Guest Access ✔ -
Apple CNA Bypass ✔ ✔
L2 MAC ACL ✔ -
SMS Integration ✔ ✔
L3-4 ACL ✔ ✔

OS Fingerprint ✔ -

Client Isolation ✔ ✔

Capacity-Based
✔ -
Admission Control

Ruckus Proprietary and Confidential Ruckus Wireless | Jun 2016 | 4

SmartZone / ZoneDirector
deployment awareness
ZD 9.13 / SZ 3.4

SmartZone Deployment Awareness

Feature / Function Something to be aware of…

ZD to SZ Migration For documentation and best practices in a step-by-step migration, contact your Ruckus rep.

Traditional wireless solutions (including ZoneDirector) have focused on providing redundancy by adding
standby controllers, which may incur some extra cost and licensing. To improve scalability, resiliency, and
performance while decreasing cost, the SmartZone architecture was built in a cluster model that allows
Cluster Deployment
all nodes to remain active at all times. All nodes (controllers) in the cluster are managed from a single
console, all licenses are shared across the cluster, and by distributing AP, control, and data load across
the cluster, performance is improved.

The Virtual SmartZone (vSZ) is a single product with two distinct operating modes: Essentials and High-
Scale (previously known as Enterprise and Carrier). The Essentials (E) mode scales up to 1,000 APs per
node (3,000 per cluster) and has a simplified GUI interface designed for enterprise use cases. Due to its
Essentials vs High- lower scale, the GUI interface has optimized reporting with more granular filters for analytics. The High
Scale Mode Scale (HS) mode scales up to 10,000 APs per node (30,000 per cluster) and has a GUI interface that
provides improved scale and network segmentation of APs into different zones and organizational
domains. Further, it includes a multi-tenant design that allows for managed-service, service provider, and
MVNO use cases.

The SmartZone hardware and virtual solutions are designed to be flexible, to meet the variety of use
cases and design priorities of different organization types. Simple enterprise networks often prefer to plug
in a single cable that provides full access to management, AP control, and data tunnels. More
sophisticated organizations want to segment these network functions into different logical or physical
Port Groups
planes (with redundancy) for security, operational, or other network design reasons. SmartZone
hardware allows for interface segmentation into different port groups, while virtual SZ allows for flexibility
in the number of logical interfaces—for the same reason. For more details, please see product
documentation to understand how your solution can integrate seamlessly into different networks.

When a ZoneDirector is deployed behind (i.e. inside) a NAT router, APs deployed outside the NAT router
can connect to the controller for control and data planes as long as the NAT router forwards the
appropriate connection ports to the ZoneDirector (and the APs connect via the public IP address).
In the SmartZone architecture, when the SZ is deployed inside a NAT router, there are caveats and
limitations to the AP connection.
SZ100 and vSZ-E controllers can be configured with a “control NAT IP address,” which allows APs to
Deploying Remote connect to the controller via the NAT router’s outside interface (typically a public IP address). However,
APs with Controller APs deployed inside the NAT router (local to the controller) will also need to connect to the controller via
behind NAT Router the NAT router’s outside address, which means a NAT hairpin will be needed.
If all APs are local to the controller, the control NAT interface should not be configured.
On the SZ100, the control and data planes must be treated differently, with the following guidelines:
Version 3.0.4: vSZ control NAT interface is supported, SZ100 control/data NAT interface not supported
(cannot use SZ for data tunnel)
Version 3.1.1: SZ100 control NAT interface is supported, data NAT interface not supported
Version 3.2: SZ100 data NAT interface will be supported.

The SmartZone OS has two different types of backups: configuration and cluster. Configuration backups
follow the common practice of exporting a configuration file, which can be imported at a later date to
restore a specific configuration (and only configuration). Cluster backups provide a recovery solution for
Cluster Backups
the entire system, and include much more than just the configuration—firmware, database, and
configuration. You can think of a cluster backup as a complete system snapshot that can be used to
restore the system in full. To export the cluster backup, use the CLI with an FTP server.

ZoneDirector software supports a feature that allows the administrator to define a specific tagged VLAN
AP Mgmt VLAN
for AP management traffic. By default, AP management traffic uses the native VLAN of the AP’s
Tagging
switchport. SmartZone software will support VLAN tags for mgmt traffic in 3.2.

Ruckus Proprietary and Confidential Ruckus Wireless | Jun 2016 | 5