Aruba Edge Services
Security for the Edge
Network security challenges have evolved significantly over the years as users have become increasingly decentralized and attacks have become more sophisticated and persistent. Traditional security approaches that focused primarily on the perimeter of the network have become ineffective as standalone security strategies. Modern network security must accommodate an ever-changing, diverse set of users and devices, as well as much more prevalent threats targeting previously “trusted” parts of the network infrastructure. Zero Trust has emerged as an effective model to better address the changing security requirements for the modern enterprise by assuming that all users, devices, servers, and network segments are inherently insecure and potentially hostile. Aruba ESP with Zero Trust Security improves the overall network security posture by applying a more rigorous set of security best practices and controls to previously trusted network resources.
ARUBA ESP: CORE ZERO TRUST PRINCIPLES
Zero Trust varies significantly depending on which domain of security is being considered. Although application-level controls have been a focal point within Zero Trust, a comprehensive strategy must also encompass network security and the growing number of connected devices, including the work from home environment. Aruba ESP with Zero Trust Security incorporates comprehensive visibility, least access micro segmentation and control, as well as continuous monitoring and enforcement. Even traditional VPN solutions are enhanced by ensuring that the same controls applied to campus or branch networks, also extend to the home or remote worker. In the age of IoT, basic principles of good network security are often difficult to implement. When possible, all devices and users should be identified and properly authenticated before granting them network access. In addition to authentication, users and devices should be given the least amount of access necessary to perform their business-critical activities once they’re on the network. This means authorizing which network resources and applications any given user or device can access. Finally, all communications between end users and applications should be encrypted.
ARUBA ESP: ADOPTING “LEAST ACCESS” AND MICRO SEGMENTATION
Once visibility is in place, applying Zero Trust best practices related to “Least Access” and micro segmentation are critical next steps. This means using the best authentication method possible for each endpoint on the network (i.e. full 802.1X and multi-factor authentication for user devices) and applying an access control policy that only authorizes access to resources that are absolutely necessary for that device or user. Aruba ClearPass Policy Manager enables the creation of role-based access policies that enable IT and security teams to operationalize these best practices using a single role and associated access privileges that are applied anywhere on the network – wired or wireless infrastructure, in branch or on campus. Once profiled, devices are automatically assigned the proper access control policy and segmented from other devices via Aruba’s Dynamic Segmentation capabilities. Enforcement is provided by Aruba’s Policy Enforcement Firewall (PEF), a full application firewall that is embedded in Aruba network infrastructure. Aruba infrastructure also utilizes the most secure encryption protocols such as the WPA3 standard over wireless network connections.
ClearPass Policy Manager also integrates with a wide variety of authentication solutions enabling the use of multi-factor authentication and the ability to force re-authentication at key points throughout the network. Through the ClearPass ecosystem, customers can also easily incorporate other solutions to meet Zero Trust requirements related to contextual information and other security telemetry. This means ClearPass can integrate with a wide variety of solutions such as Endpoint Security tools to make more intelligent access control decisions based on a device’s posture. Access control policies can also be changed based on which type of device is being used, where the user is connecting from, and other context-based criteria.
CONTINUOUS MONITORING AND ENFORCEMENT
With role-based access control in place to enforce granular segmentation, ongoing monitoring of users and devices on the network make up another Zero Trust best practice. This addresses risks related to insider threats, advanced malware, or persistent threats that have circumvented traditional perimeter defenses.
Engage with our presales specialists by contacting us on [email protected] for more details
Policy Enforcement for Cyber Security
Do you know who or what is connecting to your network? With Aruba ClearPass you can be completely certain. Discover how we can support your network security management, no matter what kind of devices are connecting and where they're connecting from.
Data Center Disaster Recovery Solution
InterAdria provides end-to-end disaster recovery solutions throughout all level of layers, from the data to applications running in one or multiple data centers. InterAdria solution complies with the different enterprise demands:
- Avoiding SPoF (Single Point of Failure) with High Availability (HA) solution to protect data centers
- Active-standby disaster recovery enabling two data centers working in active/standby mode in the same or different locations. If the active data center is no longer available, the standby data center takes over services immediately, ensuring minor downtime with continuous service provisioning
- Active-active disaster recovery using two simultaneous data centers working in a load-sharing mode in the same location or different locations. The two data centers provide backup for each other, ensuring high service availability and data security
- Multi-Hybrid disaster recovery using two data centers working in active/standby or load-sharing mode in the same or multiple locations. Multiple levels of redundancy achieve more reliable continuity
SDN - Software Defined Networking
- Our solution can help modernize governments and the company's IT infrastructure. The real benefit enables centralized and efficient network management including the reduction of operation costs and enabling new technologies in the enterprise.
- Our solutions can effectively enable the technical capabilities for IT administrators to provision networks quickly, without the need for user guides, manuals, decreasing the cost of external managed services and consultancy.
- The ultimate solution for providing agile technology converted into the possibility of flexible network management and configuration with very innovative and standardized protocols.
- We provide a centralized solution with centralized network provisioning, offering comprehensive infrastructure management with full network automation, reducing the cost of operations, reducing the size of hardware components and enhance the network security with the capability of cloud-ready infrastructure with full disaster recovery capabilities.
- Adopting existing bare metal technology to virtual environment technology that will help IT reduce costs, simplify operations, and improve performance and uptime. Server virtualization, known as virtualized infrastructure, can provide benefits for IT departments of almost all sizes.
- We reallocate resources and infrastructure with zero downtime.
- We decrease the quantity of hardware, reduce power consumption and space requirements.
- We provide quick and easy provision of new infrastructure. We simplify and improve the disaster recovery technology and process.
- We ensure critical applications will stay up with highly available architecture.
- We prioritize critical and important applications to ensure they receive the resources required to meet the technical needs.
- We simplify systems environment, management and operations.