Security Market Segment LS
Thursday, 16 July 2020 09:36

Abandon IT security 'fortress mentality': Aruba

Aruba South Pacific director Pat Devlin Aruba South Pacific director Pat Devlin

The idea that network security can be 'crunchy on the outside, soft on the inside' has been around for at least three decades. Some experts – including then Microsoft senior security strategist Steve Riley – were arguing against it more than ten years ago, but the idea still persists.

"There is no border any more," observes Aruba South Pacific director Pat Devlin. "Now, people are everywhere," as are devices and applications.

'Home' and 'work' have become mixed to form 'the third place,' he suggests, and this presents a challenge for people running technology for their organisations.

"The home is the new office," Aruba APAC director of systems engineering Mark Verbloot told iTWire, and so the home needs to be treated as part of the corporate infrastructure.

Aruba's recommendation is to do that by providing providing people who work from home with an office-grade wireless access point. It plugs into their existing modem/router and creates a separate Wi-Fi network for work use.

This access point is remotely managed along with all those installed on-premises, provides built-in security features including VPN, and provides IT with a view right to the edge.

"The cost [in the hundreds of dollars per access point] in our view is minimal," he said, and offset by the savings on VPN licences and concentrators, and more importantly on IT support and management.

Some Aruba customers have taken this approach for several years, and interest is broadening, said Devlin, "but you've got to admit you've got a problem."

People tend to focus on high-level security threats, but there's no substitute for good operational practices such as good visibility and strong (and enforced) policies.

Aruba's ClearPass network access control software works across all infrastructure (not just Aruba products), he said, and allows network managers to see what is connected, decide whether it should be connected, and if so, what it should be allowed to communicate with.

To deal with the additional challenge of IoT, Aruba has added ClearPass Device Insight, Verbloot said. This uses machine learning to categorise new and unknown devices that appear on the network. It segments devices and users, and applies policies according to the level of trust.

For example, lower-cost IP cameras have a less than stellar reputation for security, so devices in that category might only be allowed to communicate with particular services, stopping outsiders from viewing them and preventing them being co-opted into botnets.

While Aruba's system detects and categorises new devices based on their behaviour, it can't identify them. Once that information has been obtained from one customer, it becomes available to all customers.

Aruba's recently released Edge Services Platform (ESP) goes even further, using AI to identify the root cause of a problem with 95% accuracy, and automatically remediate and tune the network. All network operations (from data centre to remote workers) are consolidated in one console, and the zero-trust model gets away from the idea of a hard perimeter and instead validates and identifies users and devices to enforce policies at the point of access.

Aruba ESP Enabling a Unified Infrastructure

These facilities are open to customers even if their access points are ten or twelve years old, said Verbloot. They come as part of the Aruba Central network management cloud controller licence, so all customers have to do is adopt the new version. Further functions will be added over time, he said.

Subscribe to Newsletter here


Recently iTWire remodelled and relaunched how we approach "Sponsored Content" and this is now referred to as "Promotional News and Content”.

This repositioning of our promotional stories has come about due to customer focus groups and their feedback from PR firms, bloggers and advertising firms.

Your Promotional story will be prominently displayed on the Home Page.

We will also provide you with a second post that will be displayed on every page on the right hand side for at least 6 weeks and also it will appear for 4 weeks in the newsletter every day that goes to 75,000 readers twice daily.



It's all about Webinars.

These days our customers Advertising & Marketing campaigns are mainly focussed on Webinars.

If you wish to promote a Webinar we recommend at least a 2 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial.

For covid-19 assistance we have extended terms, a Webinar Business Booster Pack and other supportive programs.

We look forward to discussing your campaign goals with you. Please click the button below.


Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.





Guest Opinion

Guest Interviews

Guest Research & Case Studies

Channel News