Gain visibility, control, and advanced threat defense with Aruba 360 Secure Fabric
Until recently, a perimeter-based security approach was used by enterprise security teams, where IT operations would maintain a tight grip over network and computing resources – including systems, data, and apps that were accessible and were used by employees. However, the current number of ‘technological disruptors’ – mobile, BYOD, virtualization, big data, cloud, and IoT have rendered it impossible to use this security approach.
This is because legacy security technologies were designed to keep previous threats and environments in mind, and they do not consider the present’s highly complex and targeted attacks. In a fast-changing threat landscape, a newer approach is needed where with the help of advanced technology, user and device risk is constantly assessed.
Aruba 360 Secure Fabric is an enterprise security framework that enables IT and security teams to gain visibility, advanced threat defense and control.
With an analytics-ready secure infrastructure, Aruba indoor and outdoor switches, gateways, wireless access points, and controllers are embedded with extensive protection in their foundation only. This is done to secure the network infrastructure and the traffic that flows through it.
The Aruba security portfolio includes the following:
- Aruba Policy Enforcement Firewall
A next-generation user, device, and application policy enforcement firewall (PEF) that is role-based and provides automated Dynamic Segmentation functionality for wireless and wired access security in any Aruba environment.
- Aruba ClearPass Policy Manager
This provides role and device-based secure network access control for IoT, BYOD, corporate devices, including employees and guests across any infrastructure (multivendor, wired, wireless, and VPN).
- Aruba ClearPass Device Insight
A cloud application that allows network and security administrators to monitor, discover and automatically classify any new or existing devices that connect to a network.
- Aruba IntroSpect integrated User and Entity Behavior (UEBA) and Network Traffic Analysis (NTA).
Security teams can now design a seamless path that encompasses user and device discovery and access management and analytics-driven threat detection and response, depending on policies specified by the company with the Aruba 360 Secure Fabric.
How can an organization benefit from the Aruba 360 Secure Fabric?
Multivendor, closed-loop protection with Aruba 360 Security Exchange
The Aruba 360 Security Fabric is an open, multivendor platform that integrates with more than 140 partners in the Aruba 360 Security Exchange program to allow organizations to leverage their existing third-party solutions to better protect their investments. This is done through the seamless integration of Exchange sourced products with Aruba solutions. One key advantage is that the Aruba 360 Secure Fabric provides the flexibility of an open architecture along with the elements of a unified solution.
Aruba Secure Network Infrastructure
Secure boot, military-grade encryption, deep packet inspection, VPN, IPS, and policy enforcement firewalls are all part of Aruba Secure Infrastructure.
Every second an attacker is connected to the network, thousands of malware packets are sent out. Traditional firewalls that use IP-based VLANs for control become active only after a user or device has penetrated a significant portion of the network, leaving a security gap.
The Aruba Policy Enforcement Firewall (PEF) eliminates the security gap by placing a firewall between a user or a device and the network during initial access through running on either a Mobility Controller or an Instant Access Point. PEF, in conjunction with Dynamic Segmentation, makes Aruba networking more secure through the unique enforcement of IT access policies based on user/device identity and privileges associated with it and is the only firewall to enforce Zero Trust at the point of access through the use of identity and roles.
Expanded Visibility and Control
Organizations require a secure network foundation and additional visibility and control due to the expanding IT attack surface and a constantly evolving network. Enterprises can gain better device visibility and manage a complete set of access control use cases, including BYOD, guest, wired and wireless connectivity to attack response and policy-based remediation with the ClearPass family of products.
Aruba ClearPass Device Insight provides valuable visibility and profiling to address security and compliance risks associated with unrecognized and unmanaged devices connected to networks, owing to the expanding number and variety of devices connecting to networks. This includes the new Internet of Things (IoT) devices that are frequently deployed in a customer’s environment without first considering the security consequences. Aruba ClearPass Policy Manager then delivers the required control and response required to address the users or devices that can access internal and external resources.
Aruba ClearPass Policy Manager also integrates with the self-contained Policy Enforcement Firewall. The ClearPass provides a complete NAC solution, including policy definition services and streamlined authentication that are delivered to PEF for enforcement purposes.
Aruba Dynamic Segmentation
IT can deliver an intelligent network edge that securely connects all types of devices and users by combining Aruba Secure Infrastructure and Aruba ClearPass Policy Manager.
Dynamic Segmentation improves security and simplifies network operations by administering unified policies across wired and wireless networks. This is to ensure: one, appropriate access, and two, security policies are effortlessly distributed, automatically applied and independently enforced for all devices and users without the requirement of any additional changes.
Advanced Threat Detection and Response
Aruba IntroSpect integrated UEBA and NTA identifies attacks through the detection of minor behavioral changes that are often indicative of stealthy threats.
A unique feature of Introspect is that it assesses the entire infrastructure for threats through the absorption of a range of sources, ranging from network packets and flows to IT logs and alerts. In addition, it uses machine learning-based intelligence and automates the detection of the attack by providing visibility to security and network operations throughout the kill chain.
A benefit of supervised and unsupervised machine learning models is that they deliver actionable intelligence in order to proactively respond to the advanced cyberattacks with the enterprise-scale to secure large amounts of distributed data and protect millions of users and devices.
IntroSpect can also work with ClearPass or existing infrastructures solutions to respond to an attack either through taking a range of manual or automated actions.
The Aruba 360 Secure Fabric delivers state-of-the-art advanced threat defenses, network, visibility, and access that is designed to easily integrate into the Aruba security ecosystem and existing multivendor environments.
Curious about how your organization can build an impenetrable fort around your critical data? Get in touch with our experts today.
Vertex Techno Solutions (B) Pvt Ltd is a multi-award-winning pioneer in the technology infrastructure solutions and services domain with its roots running deep into the IT industry for nearly 30 years.
Vertex offers top-notch enterprise and end-consumer IT Infrastructure & Computing Solutions & Services at competitive prices.
We have helped improve, transform and grow companies across multiple verticals with our industry & technology expertise and unparalleled support services.