"There is no border any more," observes Aruba South Pacific director Pat Devlin. "Now, people are everywhere," as are devices and applications.
'Home' and 'work' have become mixed to form 'the third place,' he suggests, and this presents a challenge for people running technology for their organisations.
"The home is the new office," Aruba APAC director of systems engineering Mark Verbloot told iTWire, and so the home needs to be treated as part of the corporate infrastructure.
Aruba's recommendation is to do that by providing providing people who work from home with an office-grade wireless access point. It plugs into their existing modem/router and creates a separate Wi-Fi network for work use.
This access point is remotely managed along with all those installed on-premises, provides built-in security features including VPN, and provides IT with a view right to the edge.
"The cost [in the hundreds of dollars per access point] in our view is minimal," he said, and offset by the savings on VPN licences and concentrators, and more importantly on IT support and management.
Some Aruba customers have taken this approach for several years, and interest is broadening, said Devlin, "but you've got to admit you've got a problem."
People tend to focus on high-level security threats, but there's no substitute for good operational practices such as good visibility and strong (and enforced) policies.
Aruba's ClearPass network access control software works across all infrastructure (not just Aruba products), he said, and allows network managers to see what is connected, decide whether it should be connected, and if so, what it should be allowed to communicate with.
To deal with the additional challenge of IoT, Aruba has added ClearPass Device Insight, Verbloot said. This uses machine learning to categorise new and unknown devices that appear on the network. It segments devices and users, and applies policies according to the level of trust.
For example, lower-cost IP cameras have a less than stellar reputation for security, so devices in that category might only be allowed to communicate with particular services, stopping outsiders from viewing them and preventing them being co-opted into botnets.
While Aruba's system detects and categorises new devices based on their behaviour, it can't identify them. Once that information has been obtained from one customer, it becomes available to all customers.
Aruba's recently released Edge Services Platform (ESP) goes even further, using AI to identify the root cause of a problem with 95% accuracy, and automatically remediate and tune the network. All network operations (from data centre to remote workers) are consolidated in one console, and the zero-trust model gets away from the idea of a hard perimeter and instead validates and identifies users and devices to enforce policies at the point of access.
These facilities are open to customers even if their access points are ten or twelve years old, said Verbloot. They come as part of the Aruba Central network management cloud controller licence, so all customers have to do is adopt the new version. Further functions will be added over time, he said.