SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Aruba announces automated security and wireless solutions
Fri, 3rd May 2019
FYI, this story is more than a year old

Hewlett Packard Enterprise company Aruba has announced two new offerings to help enterprise customers simplify the adoption of IoT.

First, Aruba ClearPass Device Insight delivers a single pane of glass for device visibility by employing automated device discovery, machine learning (ML) based fingerprinting and identification.

Additionally, Aruba introduced the Aruba 530 and 550 Series access points, an extension to its 802.11ax (Wi-Fi 6) IoT-ready access points.

Together, these solutions allow enterprises to remove IoT security and connectivity barriers while decreasing associated operational costs and complexities.

When addressing their IoT strategies, organisations globally are faced with new security and connectivity challenges.

There are more than 14 million new connected devices being added to the network every day.

The explosion of these vastly different and unpredictable device types renders manual device profiling techniques inadequate and makes automation a key requirement for securing IoT.

To add to the complexity, many IoT devices are often connected to disparate overlay networks that typically support only one type of connectivity, such as Wi-Fi, Bluetooth or Zigbee.

Aruba Hong Kong and Macau director and general manager Kenneth Ma says, "Aruba is pleased to introduce these new products to the APAC market.

“IoT technology will bring about huge industry changes in years to come -- but only with effective solutions and services can this potential be properly unlocked.

IoT security starts with visibility: AI-powered device discovery and profiling

Aruba's new ClearPass Device Insight uses machine learning and crowdsourcing to automate the discovery and fingerprinting of all connected devices and IoT devices on any wired or Wi-Fi network -- regardless of vendor.

Aruba's Data Science Laboratory leverages custom-built deep packet inspection (DPI) to create behavioural profiles that enable precision fingerprinting.

ClearPass Device Insight's cloud delivery platform leverages shared community learnings to identify newly-introduced devices.

Used with Aruba ClearPass Policy Manager and Aruba's Dynamic Segmentation security capabilities, IT teams can automate authentication and policy enforcement down to the device and user level, applying different access policies or rules based on the role designated for the device.

If any device exhibits abnormal behaviour, ClearPass can automatically quarantine or remove it from the network.

According to Gartner, "line of business, operational technology and building automation networks that were historically air-gapped are converging onto the enterprise infrastructure, adding more IoT devices and more attack opportunities."

Aruba's closed-loop approach eliminates blind spots and provides IT teams with an automated and intelligent security solution for visibility into this massive volume and variety of devices to the corporate network, often without IT oversight.

Comprehensive details about each device, including manufacturer, device location, ports and protocols used, application destinations and traffic volume are all available on ClearPass' single-pane-of-glass management platform for IoT visibility and control.

"Being able to easily identify the growing number of wired and wireless IoT device types on our network, without interfering with sensitive medical equipment, is critical to our security and compliance goals," says Sharp Healthcare network engineer Kevin Rothstein.

IoT Connectivity: Wi-Fi 6 APs as a platform for IoT

Aruba has also expanded its portfolio of next-generation 802.11ax IoT-ready access points to address growing wireless performance requirements as well as accelerate the adoption of IoT solutions.

When organisations consolidate multiple networks onto a single, converged infrastructure, IT teams can reduce complexity and improve return on investment when executing their IoT strategy.

A converged network simplifies IoT onboarding through automated endpoint discovery and provides a common policy framework for mobile devices, users and things.

Like the 510 Series announced in November 2018, the new 530 and 550 Series APs eliminate the need for IoT gateways and the resulting complicated network management requirements, allowing IT teams to easily connect a diverse set of IoT devices and sensors that utilise different protocols.

The support of Wi-Fi, Bluetooth 5 and Zigbee protocols on the new APs allow organisations to connect with 74% of today's IoT devices.

An added benefit of the 530 and 550 Series AP is that Wi-Fi 6 offers improved battery life for battery-powered IoT devices.

The protocol allows IoT devices to remain inactive until data needs to be transmitted. As a result, battery powered IoT devices realise significant power savings, reducing the maintenance windows for IT staff.

The efficiency improvements in Wi-Fi 6 amount to a faster performing and more efficient infrastructure as well as an enhanced experience for all the clients on the network.