Aruba ESP Unveils New Enhancements to Secure Enterprises from Edge to Cloud

Aruba, a Hewlett Packard Enterprise (NYSE: HPE) company, today announced a series of cross-product, edge-to-cloud security integrations and new improvements to Aruba ESP (Edge Services Platform), including: integrating the ClearPass Policy Manager secure network access control platform with the Aruba EdgeConnect SD-WAN edge platform (formerly Silver Peak), integrating Aruba Threat Defense with the EdgeConnect platform, and expanding the multi-vendor security partner ecosystem of Aruba ESP, allowing enterprise customers to freely deploy the best-of-breed cloud-delivered secure access service edge (SASE) security components of their choice. The Aruba ESP improvements announced today allow enterprises to quickly catch up with the trend of digital transformation from edge to cloud.

As businesses and organizations grapple with the challenges of the COVID-19 pandemic and adapt to the new normal of “work from anywhere,” the adoption of cloud managed services will continue to accelerate. This shift is increasing the urgency of transforming traditional data centers and MPLS- and virtual private network-based networks to a cloud-native SASE architecture that can more dynamically provision secure network services while protecting data end-to-end.

At the same time, digital transformation has led to a dramatic increase in the number of IoT devices connected to the network, a situation that makes security capabilities delivered only in a public cloud manner unable to cope with new challenges. Since IoT devices do not have agents, IT departments cannot install security clients or redirect device traffic to cloud security services; therefore, zero-trust security must be applied at the WAN edge.

To realize the full potential of cloud solutions and digital transformation, enterprises and organizations need a new WAN edge that blends local and cloud-delivered security to achieve the expected effects of SASE, provide security for users connecting to SaaS and public cloud platforms, and protect IoT devices that require zero-trust identity-based security. With the Aruba ESP integration announced today, enterprise customers can now apply granular identity-based security policies from edge to cloud to securely connect and protect users and devices.
A recent report from communications research firm 650 Group highlights the growing interest in SASE among enterprises, while explaining the need to re-examine their security approaches in light of the current state of the technology. “As enterprises transition to Zero Trust and SASE architectures, they are increasingly evaluating and deploying multi-vendor cloud-delivered security services, and do not require all SASE components to come from a single vendor,” said Chris DePuy, technology analyst and founder of 650 Group. “Aruba’s approach helps users strike the right balance between implementing native security capabilities at the WAN edge and having the freedom to choose from leading cloud-delivered security services such as Zscaler, Netskope and Check Point. This multi-vendor approach provides enterprises with the flexibility to continue working with existing vendors or move to ‘best of breed’ systems.”

ClearPass Policy Manager Integration with Aruba EdgeConnect

The integration of ClearPass Policy Manager with the Aruba EdgeConnect SD-WAN edge platform enhances application intelligence by adding user identity, IoT device, role, and security health information to form the foundation of the SASE WAN edge. Combining user roles and security health with advanced dynamic network segmentation capabilities greatly simplifies network management by eliminating the complexity associated with configuring hundreds of VLANs for various users and devices. Integrating ClearPass Policy Manager with EdgeConnect enables consistent and automated definition of roles that can be enforced across the entire network, including LAN and WAN, for users’ devices.

Aruba Threat Defense Integration with Aruba EdgeConnect

The integration of Aruba Threat Defense with the Aruba EdgeConnect SD-WAN edge platform extends advanced intrusion detection and prevention (IDS/IPS) capabilities to EdgeConnect physical and virtual appliances. This allows the EdgeConnect platform to leverage the Aruba threat management infrastructure to share critical threat information between Aruba Central and EdgeConnect for comprehensive visibility across the network. These advanced unified threat management (UTM) capabilities enable enterprises to achieve east-west lateral security at branch offices, local data centers, and in the cloud, as well as secure local Internet access. By leveraging a consistent threat management infrastructure and threat data across the Aruba ESP platform, network and security managers can centrally apply and enforce threat management policies across the enterprise.

Freedom of choice through a multi-vendor partner ecosystem

As enterprises transition to Zero Trust and SASE architectures, they are increasingly evaluating and deploying multi-vendor cloud-delivered security services. This is confirmed by a recent security best practices survey conducted by the Ponemon Institute, which shows that more than 70% of respondents prefer to choose best-of-breed cloud-delivered security solutions over one-stop solutions to build a comprehensive Zero Trust and SASE infrastructure.

With the new service orchestration configuration process, the Aruba Orchestrator management console (formerly Silver Peak Unity Orchestrator) now includes pre-configured default information about proximity-based cloud security services from cloud security partners. Network administrators can quickly and easily associate Aruba branch office locations with partner POPs and cloud data centers. Currently, leading security service providers such as Check Point, Forcepoint, McAfee, Palo Alto Networks, Symantec and Zscaler are part of the Aruba Technology Alliance partner ecosystem, with Netskope being the first to use this new configuration workflow capability.

“ClearPass Policy Manager and Aruba Threat Defense Management integrated with the EdgeConnect SD-WAN edge platform provide a common identity-based policy framework across the Aruba secure edge portfolio. This powerful combination will enable customers to transition at their own pace from traditional data center-centric, perimeter security-based network architectures to cloud-centric secure WANs that embrace Zero Trust and SASE,” said David Hughes, founder of Silver Peak and senior vice president of WAN business at Aruba, a Hewlett Packard Enterprise company. “Enterprise customers can deploy our on-premises EdgeConnect WAN edge platform, enforce policy from the edge, and easily integrate with leading cloud-delivered security services from the vendor of their choice, all centrally controlled in Aruba Orchestrator.”

Comprehensive secure WAN edge portfolio supports the hybrid workplace

The Aruba ESP platform provides customers with the industry's most comprehensive portfolio of wired, wireless and WAN edge security solutions, enabling customers to adapt to today's new normal and tomorrow's unknown changes. The WAN edge portfolio includes:

• Virtual Intranet Access Client (VIA) – Whether connected to a private or public network, it can meet the mobility requirements of free office users
• Remote Access Point (RAP) – Reduces the space required for mobile, remote and temporary workspaces, allowing users to securely connect to the corporate network
• SD-Branch – Enables maximum integration and simple unified management across WLAN, LAN and SD-WAN with zero-trust security
• EdgeConnect - Delivers optimal QoE (Quality of Experience) from edge to cloud through the leading SD-WAN edge platform and unified SASE components

To learn more about these new integrations and what they mean for your enterprise, attend Atmosphere ’21 – Journey to the Edge on April 14-15.