HPE Aruba Focus Areas

Similar documents
ClearPass Ecosystem. Tomas Muliuolis HPE Aruba Baltics lead

Secure wired and wireless networks with smart access control

Intelligent Edge Protection

Visibility, control and response

ARUBA CLEARPASS NETWORK ACCESS CONTROL

Intro to Niara. no compromise behavioral analytics. Tomas Muliuolis HPE Aruba Baltics Lead

SOLUTION OVERVIEW THE ARUBA MOBILE FIRST ARCHITECTURE

Mobility First How Tomorrow Moves for Education

ClearPass Design Scenarios

ARUBA 360 SECURE FABRIC

ARUBA CLEARPASS POLICY MANAGER

ARUBA CLEARPASS NETWORK ACCESS CONTROL

ARUBA CLEARPASS POLICY MANAGER

QuickSpecs. Aruba ClearPass Policy Manager Platform. Overview. Aruba ClearPass Policy Manager Platform The most advanced Secure NAC platform available

2012 Cisco and/or its affiliates. All rights reserved. 1

CLEARPASS EXCHANGE. Open third party integration for endpoint controls, policy and threat prevention SOLUTION OVERVIEW MAKE BETTER-INFORMED DECISIONS

Secure IT consumeration (BYOD), users will like you How to make secure access for smart mobile devices

ARUBA, A HEWLETT PACKARD ENTERPRISE COMPANY, IS REDEFINING THE INTELLIGENT EDGE WITH MOBILITY AND IOT SOLUTIONS FOR ORGANIZATIONS

QuickSpecs. Aruba ClearPass Guest Software. Overview. Aruba ClearPass Guest Software A ClearPass Policy Manager Application.

NETWORKING &SECURITY SOLUTIONSPORTFOLIO

The Context Aware Network A Holistic Approach to BYOD

Identity Based Network Access

Aruba ridefinisce il futuro del Mobile, Cloud e IoT

Produkt Update: Aruba 360 Secure Fabric ClearPass 6.7 neues Lizenzmodell & IntroSpect. Reinhard Lichte, Consulting Systems Engineer

Networking Solutions for Mobile Era. Amit Sanyal Director, Product Management

Provide One Year Free Update!

Next Generation Infrastructure Outsourcing. Copyright 2016 Tech Mahindra. All rights reserved.

ARUBA CLEARPASS POLICY MANAGER

2013 InterWorks, Page 1

CLEARPASS CONVERSATION GUIDE

Simplifying the Branch Network

CLEARPASS GUEST. A ClearPass Policy Manager Application DATA SHEET KEY FEATURES THE CLEARPASS ADVANTAGES

WHY YOUR NAC PROJECTS KEEP FAILING: ADDRESSING PRODUCTS, PEOPLE, PROCESSES

Introducing. Secure Access. for the Next Generation. Bram De Blander Sales Engineer

ForeScout ControlFabric TM Architecture

BYOD: BRING YOUR OWN DEVICE.

IMC as a Trojan Horse and Roadmap update

ACCP-V6.2Q&As. Aruba Certified Clearpass Professional v6.2. Pass Aruba ACCP-V6.2 Exam with 100% Guarantee

Defense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation

Cisco Network Admission Control (NAC) Solution

Secure Access - Update

Privilege Security & Next-Generation Technology. Morey J. Haber Chief Technology Officer

Transforming IT: From Silos To Services

Ciprian Stroe Senior Presales Consultant, CCIE# Cisco and/or its affiliates. All rights reserved.

Cisco Connected Factory Accelerator Bundles

Security Automation. Challenge: Automatizzare le azioni di isolamento e contenimento delle minacce rilevate tramite soluzioni di malware analysis

Threat Containment and Operations. Yong Kwang Kek, Director of Presales SE, APJ

Klaudia Bakšová System Engineer Cisco Systems. Cisco Clean Access

BYOD the HP Way: Secure, Device-Agnostic Network Access Management Jochen Fischer Solution Architect (MASE) September 2013

MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER

Cisco Meraki Wireless Solution Comparison

Alcatel-Lucent OmniVista 2500 Network Management System

ForeScout Agentless Visibility and Control

Network Segmentation Through Policy Abstraction: How TrustSec Simplifies Segmentation and Improves Security Sept 2014

Build a Software-Defined Network to Defend your Business

NX 9500 INTEGRATED SERVICES PLATFORM SERIES FOR THE PRIVATE CLOUD

HiveManager Local Cloud

Reviewer s guide. PureMessage for Windows/Exchange Product tour

QuickSpecs. Aruba ClearPass OnGuard Software. Overview. Product overview. Key Features

WHITE PAPER ARUBA SD-BRANCH OVERVIEW

QuickSpecs. Aruba IntroSpect User and Entity Behavior Analytics. Overview. Aruba IntroSpect User and Entity Behavior Analytics Product overview

Securing BYOD With Network Access Control, a Case Study

Stop Threats Before They Stop You

Cisco Self Defending Network

Security Vendor Line Card

Cloud-Enable Your District s Network For Digital Learning

How a Unified Wired and Wireless Architecture Addresses BYOD

Portnox CORE. On-Premise. Technology Introduction AT A GLANCE. Solution Overview

Compare Security Analytics Solutions

BEST PRACTICE - NAC AUF ARUBA SWITCHES. Rollenbasierte Konzepte mit Aruba OS Switches in Verbindung mit ClearPass Vorstellung Mobile First Features

Industrial IoT as enabler for digitization

How to Control Who Gets Onto Your Network A Large Systemic Bank s Security Case Study

Automate to Win: The Business Case for Standards-based Security. An InformationWeek Webcast Sponsored by

Prepare Your Network for BYOD. Meraki Webinar Series

Connectivity to Cloud-First Applications

CIAM: Need for Identity Governance & Assurance. Yash Prakash VP of Products

DNA Assurance. Predict Network Failures Before They Become Issues

SD-Access Wireless: why would you care?

Microsoft Security Management

ExtremeWireless WiNG NX 9500

Network Access Control

Cisco ONE for Access Wireless

Delivering Integrated Cyber Defense for the Cloud Generation Darren Thomson

Cisco Unified Wireless Network Software Release 7.4

The Why, What, and How of Cisco Tetration

Passit4Sure (50Q) Cisco Advanced Security Architecture for System Engineers

Cisco.Network.Intuitive FastLane IT Forum. Andreas Korn Systems Engineer

Mobile-First. Campus Switching. Introducing Aruba Aruba Inspiration Day. Dennis Ladefoged - Systems Engineer

A HOSPITAL S HEALTH STARTS WITH ITS NETWORK INFRASTRUCTURE

The Internet of Everything is changing Everything

Vendor: Cisco. Exam Code: Exam Name: Implementing Advanced Cisco Unified Wireless Security (IAUWS) v2.0. Version: Demo

Delivering a Secure BYOD Solution with XenMobile MDM and Cisco ISE

WHITE PAPER ARUBA FOR RETAIL. Create a Next Generation Digital Store Experience

ForeScout CounterACT. Continuous Monitoring and Mitigation. Real-time Visibility. Network Access Control. Endpoint Compliance.

Cisco Exam Implementing Advanced Cisco Unified Wireless Security v2.0 Version: 9.0 [ Total Questions: 206 ]

Connected Experiences

Your wireless network

Digital Network Architecture

Borderless Networks. Tom Schepers, Director Systems Engineering

Enterprise Guest Access

Transcription:

HPE Aruba Focus Areas Security Tomas Muliuolis Baltics Country Lead

THE PERFECT STORM: MOBILE, IoT and CLOUD

Intelligent edge Connectivity Security Management Focus areas IoT Analytics Edge computing

Mobile-first network Policy Unified Multi-vendor ClearPass SDN Apps Management End-to-end Multi-vendor AirWave Central Wireless Wired 802.11ac Wave 2 APs Best of breed Mobility Controllers BLE Beacons Components Analytics Optimized for wireless aggregation Switches Routers VPN For IT For LOB Mobile engagement & business analytics 4

Connected work COWS Pager Cell phones (SMS) Bedside Terminal IP phones IP wireless phones MDA/PDA Tablets (MCA) Laptops IP- Converter ESPA 4.4.4 GSM Gateway IP Infrastructure Best OPC Server OPC, SMTP, SMNP Gateway Technical systems Gateway IP converter ESPA 4.4.4 I/O signaler Location Services Nurse Call Printing Baby Cams Lab/EPR Patient Monitoring Medical Devices Elevators Doors / Access PACS Security RFID Tags 5

v On-Ramps To Networks We are the IT Edge on IoT Small Site Medium/Large Site Cellular Backhaul Ruggedized Indoor HPE Edgeline IoT Server PHY And/Or Protocol Converters Native Ethernet Native Wi-Fi Power Line Twisted Pair RF BLE 6

Time For A New Mobility Defense Model Static Perimeter Defense Adaptive Trust Defense Anti/Virus IDS/IPS Firewalls Physical Components Web gateways Perimeter Defense Security and Policy for each user or group 7 7

ClearPass Policy Manager and NAC Solution Built-in: Policy Engine RADIUS/CoA/TACACS Profiling Accounting/reports Identity store CLEARPASS POLICY MGR Expandable Applications REMOTE LOCATION BYOD onboarding Simple guest access Health assessments Onboard Guest OnGuard 8

ClearPass Core Functionality USERS Employee BYOD Visitor Administrator Employee Contractor Headless Devices NETWORK EDGE Multi-Vendor Wired/Wireless/VPN NETWORK CORE AAA/RADIUS NAC Cert. Authority Onboarding Guest Profiler Device Registration 9 PKI ClearPass Policy Visibility - Workflow User/Role IDENTITY SOURCES Token AD/LDAP SQL Time/Day Location Device Type/Health CONTEXT 9

Clearpass for On-Boarding + Policy enforcement Identity stores (Active Directory/LDAP/SQL/SAML/Guest) Device information (Profiling, MDM, CMDB) Policy VPN Access method (Infrastructure, date/time, source) Policy (Infrastructure, Next-genfirewalling, QoS) 10

Clearpass for On-Boarding + Policy enforcement Policy Role VLAN Dynamic ACL Filter-ID WIRELESS WIRED VPN REMOTE OFFICE Policy Enforcement in the infrastructure 11

Connect-and-Protect Data Establishes trustworthy data sources for business intelligence and decision making Eight steps to trust 1. Make a physical layer (PHY) connection 2. Talk the talk with existing device protocols 3. Establish authenticity of devices and users 4. Encrypt the data 5. Secure communication pathways 6. Establish and enforce device and user roles 7. Implement access and usage policies 8. Monitor for vulnerabilities IoT Device 12

Aruba IoT profiling LAN/WLAN Remote Access 13

Enhancements - Profiling DHCP TCP SSH NMAP CDP, LLDP SNMP WMI OnGuard We re adding NMAP Port-based Scanner On-demand or pre-scheduled scans Granular visibility for like devices Enhances our competitive advantage Before After Mac OUI Two IoT Endpoints Lighting Sensor NMAP Scan Accurate Policy Decision Temperature Sensor 14

Customer s 3 rd Party Solution Provides needed Security or Service, But! Solution lacks needed wired/wireless feature IT lacks integration expertise They have ClearPass but no built-in integration What do you do? 15

ClearPass Extensions - New 3 rd Party Integration Option Extensions Repository Aruba ClearPass Opens doors for new Exchange partnerships Device authorization, MFA, visitor registration, EMM/MDM and more Extends use of existing security, productivity solutions Fast, no heavy lifting integration model. 16

Security for IoT is a Concern, But! Devices have no 802.1X capability Not all switches support 802.1X IT lacks time or 802.1X expertise What do you do? 17

ClearPass OnConnect for Easy Wired NAC Enforcement No 802.1X Aruba ClearPass SNMP Enforcement Printer Vlan Infusion Pump Vlan Existing 802.1X wired/wireless support Built-in device-centric security for all non-aaa ready customers Easy to configure on legacy multivendor switches Leverages ClearPass profiling for wired/wireless - IoT, laptops, mobile phones. 18

Ingress Engine Third-party Threat Protection 1 User connects and 2 NGFW/IPS sends 3 uploads threat event to ClearPass ClearPass isolates client ** Firewall / IPS LAN/WLAN Adaptive Trust Defense based on real-time threat detection Offers enhanced user experience as ClearPass can initiate user notifications, help-desk tickets, and update third-party security solutions ** Device in step 2 can be MDM/EMM, SIEM, etc. 19

Enhanced Profiling and Policy Solving IoT Issues OLD WAY: Wait for new Fingerprints to be made and/or manually override devices 1:1 NEW WAY: Create your own Fingerprints! 20

Automated Network and Security Controls 1 Wired/Wireless Device Auth 3 User/Device Context Shared Niara UEBA ANALYZER 4 Network and Log-based Machine Learning Packets ENTITY360 2 Devices Profiled ClearPass Policy Manager 5 Actionable Alerts Initiated ANALYTICS DATA FUSION FORENSICS BIG DATA Flows 6 ClearPass Performs Real-time Policy-based Actions Logs Real-time quarantine, re-authentication Bandwidth Control Blacklist Role-change Entity360 Profile with Risk Scoring Alerts www.arubanetworks.com/clearpass 21 www.niara.com

Innovation at the speed of the ecosystem, not a single vendor IT services Business apps Network controls Network management Policy management Cloud networking Network analytics Location services Aruba Mobile First Platform Infrastructure Wi-Fi & BLE Wired WAN 22

Easy to consume, developer ready infrastructure Innovation at the speed of the ecosystem not a single vendor Network controls Network management Policy management IT services Aruba infrastructure: Wi-Fi, BLE, Wired, WAN Cloud networking Location analytics Micro-location services Aruba Mobile First Platform Business & user facing apps 23

Aruba Mobile First Platform Components ArubaOS 8.0 (AOS8) New REST APIs and custom app signatures Aruba ClearPass New unified API library, extensions repository and OnConnect for secure IoT Aruba AirWave Northbound XML APIs to consume monitoring and reporting data Aruba Central New REST APIs, wired/wan support and network analytics Aruba Meridian Mobile app SDK for indoor location services, incl. the new location sharing and the new Meridian Goals Aruba Analytics & Location Engine (ALE, NIARA) Northbound REST APIs to consume user, device, app, location context 24

Global Wins ACS Replacement for Policy Mgmt, NAC, & BYOD Leveraged ArcSight Installation to drive AAA replacement ACS replacement for Policy Mgmt & Guest Worldwide Guest and Device Auth in Cisco / Juniper network Worldwide ACS Replacement for RADIUS and TACACS+ Increased security & simplified BYOD onboarding 25

Thank you tomas.muliuolis@hpe.com

Why compute at the edge? Time-Value of IoT Data The Edge Stage 1 Stage 2 Stage 3 Stage 4 Things Generate Data and Need Control Sensors/Actuators (Wired, Wireless) Data Aggregators Embedded Controllers IoT Gateways Edge Compute (Streaming and real time analytics) Operations Centers Data Centers / Cloud (At-rest Analytics, Management) Hard real-time If-then logic, event handling Near real-time Signal / video processing Streaming analytics Offline, batch processing Modeling Federated data analytics Increasing Data Scope Deep Edge Compute solves 7 major challenges Latency, Bandwidth, Cost, Security, Compliance, Duplication, and Integrity 27 27

Computing at the Edge: HPE is shifting left for radical results Introducing a New Product Category: Converged IoT Systems Goal Processing streaming data as close to the sensor as possible creates new opportunities Data flow Things generate data and need control Advantage Processing data streams in real time, before the data is stored for additional analysis, creates advantages Operations technology Result Fast action prior to data storage prevents data obsolescence and lost opportunities/alerts The Edge Control flow Edge IT, Datacenter and cloud Data is sensed, Things controlled New product category: Converged IoT Systems Integrate data acquisition, real- Data acquired time analytics and control Early analytics and aggregated and compute Deep analytics and compute Stage 1 Stage 2-3 Stage 4 Proven deep x86 compute Enterprise-class systems/device management Datacenter-class analytics Converged with embedded data 28 capture/control Copyright 2016 Hewlett-Packard Enterprise Corporation. The information contained herein is subject to change without notice. Shift Left from the data center to the edge 28

Why shift left and compute at the edge? The 7 benefits of computing at the Edge 1 2 3 Latency Latency in data transfer reduces time-to-insight from the data, which slows time-to-action for business and responses from the data. Bandwidth Using available but limited NW bandwidth then prevents other business critical uses of said NW bandwidth. Cost Sending data incurs IT costs, processing data at the Edge reduces NW related costs. 29 29

Why shift left and compute at the edge? The 7 benefits of computing at the Edge 4 5 6 7 Threats Duplication Corruption Compliance Transferring data by definition exposes data to security threats. Complexity and cost of storage and other assets must be duplicated to accommodate the data if sent to a data center/cloud. Data transmission, especially large amounts across large distances, can incur drops and delays associated with correction/recovery. Region and country compliance issues can complicate data transfer across borders and long distances. 30 30

Aruba IoT Location Solutions 31 31

ClearPass Exchange is Growing ClearPass Exchange arubanetworks.com Over 120 different partners 32 32

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback