At Aruba’s virtual Atmosphere event recently, they announced a vision around the network having a ‘sixth sense’. Throughout the virtual sessions and demos one thing became obvious – Aruba is finally executing on its strategy to pull its portfolio in to a tighter weave — something we’ve all been waiting for. The implications of that for the wireless portfolio we’ll cover another day. For now, I want to focus on the strides they’re making on the wired side.
Today’s buzzwords of “zero trust networking” and “micro-segmentation” are peppered through every vendor’s sales presentation, but few manufacturers have really started delivering on that promise – at least not in traditional LAN environments. Enter Aruba. Just as we were beginning to fear their portfolio was shattering in to a million splinter solutions, they buttoned it up and brought a vision.
Given that Network Access Control (NAC) projects are a long-standing core competency, some of the notable content from Atmosphere included announcements around ClearPass Device Insight and integration with the new ArubaCX switching platform.
You’ve been wondering what I mean my “network minions“, haven’t you? Let me explain. Whether we call it zero trust networking, micro-segmentation, NAC, or anything else – the first step is always discovery and visibility. We need to know what all those endpoints are. In a world of IoT where endpoints on a traditional enterprise network increase exponentially over time, this task has gone from tedious to gruesome. It’s the most time-consuming part of a NAC deployment, but done right, it’s the key to a highly secure environment.
What Aruba is promising in their ClearPass Device Insight enhancements is more intelligence and automation in this very manual task. In addition, they’ll be leveraging the wired infrastructure (via ArubaCX switches) as ‘collectors’ that get to watch all the data traversing the network, and then feed that for analysis to further bolster both the ClearPass Device Insight profiling engine as well as the threat and vulnerability database.
A recap of new features:
- Advanced visibility and profiling technology using AI/ML and UEBA
- Endpoint security with cross-referenced CVEs against discovered and profiled platforms for threat management
- Full traffic visibility without span and tap ports through switches
- Behavioral data overlaid for troubleshooting, AIOps, profiling, and security
This feature set is less about specific products and more about an ecosystem, and it’s all part of their new Edge Services Platform (aptly referred to as ‘ESP’ to go along with the Sixth Sense theme).
Want to learn more? Schedule a free 30-minute consulting call with our team via your account manager to learn more about how the new strategy and solutions may help you address specific challenges.