BLOG: Modernize Your Network with SASE Offerings from HPE Aruba

October 20th, 2022 BLOG: Modernize Your Network with SASE Offerings from HPE Aruba
Seth Tollefson
Solutions Architect

 

Secure Access Service Edge (SASE) is a framework for network architecture that, through the cloud, delivers a comprehensive range of security services to the edge, ensuring zero-trust network access. SASE services include Software-defined WAN (SD-WAN), Cloud Access Security Broker (CASB), NGFW and Firewall-as-a-Service (FWaaS), Zero Trust Network Access (ZTNA), and Secure Web Gateways (SWG).

SASE architectures that combine comprehensive LAN, WLAN, SD-WAN, and WAN can be deployed from a single vendor’s offerings or be constituted from the best-of-breed networking solutions from multiple vendors. It can be unrealistic to expect a single vendor to respond to every evolving cybersecurity threat.

 

HPE Aruba Leads in SD-WAN

 

Aruba, a Hewlett Packard Enterprise (HPE) company, continues to lead in the SD-WAN space. Gartner has recently named HPE Aruba’s SD-WAN as a Magic Quadrant leader for the fifth time in a row in the WAN Edge/SD-WAN category. This distinction recognizes HPE Aruba’s ability to execute on, and lead in, their completeness of vision.

HPE Aruba facilitates the best-of-breed design methodology by offering tight integration of multi-vendor offerings. This seamless integration allows for a robust, flexible, and evolving infrastructure that can rapidly respond to these ever-changing security threats. The best-of-breed design allows for a consistent security architecture that can quickly adapt to these new threats by providing enhanced security while reducing the overall network security costs and providing for the continued network performance and satisfaction of your employees and business units.

As compute moves towards the edge and distributed workforces continue to need access to corporate resources from mobile devices (be it laptops, mobile phones, tablets, handheld scanners, etc.), there is a continued demand for Zero Trust Network Access to create context-based logical boundaries around applications and other network resources. HPE Aruba offers a wide breadth of technologies and partnerships needed to address this secure architecture. Of particular interest are HPE Aruba ClearPass Device Insight and HPE Aruba Central NetConductor, two of the many technologies offered by HPE Aruba, helping organizations heighten security and simplify network management.

 

HPE Aruba ClearPass Device Insight: Know What Is on the Network

 

HPE Aruba ClearPass Device Insight facilitates both the network and security administrators to automatically classify new and existing devices discovered in their network into multiple categories. Administrators can easily identify and segment these various devices into categories such as IoT devices, laptops, desktop computers, servers, route and switch hardware, smart devices, and more. Using machine learning clustering, any devices that are not automatically classified using system rules or user-defined rules are placed into generic device categories that can have classifications assigned to them – the goal is that nothing on the network is missed or ignored.

HPE Aruba ClearPass Device Insight offers an easy-to-use user interface that provides visibility into all the discovered devices on the network, along with a vast amount of detail on those discovered devices. The details on the discovered devices, along with changes over time and network activity, are continuously monitored and allow for the tracking of device attributes and tracking with hosts and endpoints the devices have communicated with. This allows for easy monitoring of endpoint communication and the ability to track how much data is being consumed by those devices.

On top of the information gathered from your own network devices, HPE Aruba ClearPass Device Insight also uses crowdsourcing of devices discovered across multiple customer sites, allowing for more up-to-date and specific classification of new devices. This crowdsourced information extends the ability for HPE Aruba ClearPass Device Insight to better group devices in the automatic advanced device classification process, providing more precise grouping of devices.

HPE Aruba ClearPass Device Insight is deployed as one or more physical or virtual collector appliances on your network. By default, the collectors use DHCP and SPAN passive collection methods to gather information, but this can be augmented by additional collection methods such as SSH, SNMP, NMAP, and WMI. HPE Aruba ClearPass Device Insight allows the administrator to specify in which subnets the collectors use these additional collection methods to provide additional insight for specific networks.

HPE Aruba Central NetConductor: Control Access Privileges and Segment Networks

 

It is well known in the networking industry that making access control decisions based on where and how devices connect to a network can lead to an overly complex manual decision-making process that can lead to gaps in security and is often error prone. This is no longer acceptable in the world where Zero-Trust networking is now a requirement and not just a talking point in meetings about the network’s architecture. HPE Aruba offers a modern solution to this error-prone manual application across distributed networks – HPE Aruba Central NetConductor.

HPE Aruba Central NetConductor can use the information gathered for your network to identify and secure network endpoints, enforce security and policy at scale, and automate the configuration and management of the network. HPE Aruba Central NetConductor can automatically configure your LAN, WLAN, and WAN network infrastructure to optimize your performance while maintaining the Zero Trust architecture that is demanded of today’s network.

HPE Aruba Central NetConductor decouples the security policies and the routing of client traffic from the underlying physical network infrastructure. The manual configuration of Access Control Lists and tracking of defined VLANs across a global network can be replaced by a network design in which policies can be automatically created and have those policy configurations disseminated to the appropriate networking devices in the environment. HPE Aruba Central NetConductor continually profiles the users and devices on the network and assigns the correct access policies and connection requirements to those objects based on the object’s authentication.

The distributed overlay-based automation that HPE Aruba Central NetConductor provides can be invaluable. It aids in acceleration of deployment, management, and protection of your distributed network from the edge to the cloud. The ability to reduce the workload of overburdened network and security staff while reducing error-prone manual configuration across the network allows for a more robust and performance-optimized network experience for end users across the entire distributed network.

Get Started with Network Modernization

 

As an HPE/Aruba Platinum partner, Mainline has a deep-rooted, long-term relationship with Hewlett Packard Enterprise and specifically Aruba Networks. Hewlett Packard Enterprise has solutions that can address a wide variety of network and security challenges from the data center to the cloud.

Together we help our customers solve today’s, as well as tomorrow’s, data networking challenges. From assessments and analyzing the current architecture to designing and implementing a new solution, Mainline has the proficiencies necessary to help your company drive powerful business outcomes. To get started with your network modernization, contact your Mainline Account Executive directly or reach us here.

You may be interested in:

BLOG: Aruba Networks Offerings

VLOG: Security to the Edge (7:35)

Mainline