The new advancements include the integration of the ClearPass Policy Manager secure network access control platform with the Aruba EdgeConnect SD-WAN edge platform. In case something looks familiar, EdgeConnect is a Silver Peak solution acquired by HPE in September 2020 and integrated into Aruba, also acquired by HPE but much earlier, in 2015.
The announcement of the upgrade "augments application intelligence by adding identity knowledge of users, IoT devices, roles, and security posture to form the basis of a SASE WAN edge" according to the Aruba press release.
Asked by the upgrade, Keng Tong Wee, system engineer manager for SEATH at Aruba explained that Silver Peak EdgeConnect enforces the zone-based firewall, where the protection is between firewall zones.
"However, there could be multiple types of devices and users within a single firewall zone. Hence the zone-based protection cannot be fine-grained enough to provide adequate protection to every single user and device. As each of them may need different policy and protection. With the upgrade we have overcome this challenge to transform the zone-based firewall to an identity-based firewall, to customize unique protection to the different needs of different devices and users," he continued.
Combining role and security posture intelligence with advanced dynamic segmentation capabilities eliminates the complexity associated with implementing hundreds of VLANs for each class of user and device, dramatically simplifying network administration and management.
The integration of ClearPass Policy Manager with EdgeConnect provides a consistent and automated definition of roles that can be enforced network-wide from the user’s device, through the LAN, and across the WAN.
Another upgrade is the integration of Aruba Threat Defense with the EdgeConnect SD-WAN edge platform. This extends advanced intrusion detection and prevention (IDS/IPS) capabilities to EdgeConnect physical and virtual appliances.
By leveraging a common threat infrastructure and threat feeds across Aruba ESP, network and security managers can centrally apply and enforce threat management policies enterprise-wide.
The third announcement is the expansion of the Aruba ESP multivendor security partner ecosystem, to give enterprise customers the option to choose which vendor products to use for its secure access service edge (SASE) security components.
Aruba claims these advancements will enable enterprises to fast-track their digital transformation journey from edge-to-cloud.
Wee said the upgraded solutions apply for both existing and new Aruba customers. "EdgeConnect can replace existing router-centric WAN architectures as a single unified platform, independent of ClearPass integration," he added.