Aruba modernizes network security framework with Aruba 360 Secure Fabric
Aruba, a Hewlett Packard Enterprise company, has announced the Aruba 360 Secure Fabric, a security framework that provides 360 degrees of analytics-driven attack detection and response to help organizations reduce risk in today’s changing threat landscape. Aruba is also innovating in User and Entity Behavioural Analytics by expanding the Aruba Introspect product family, enabling businesses to easily and rapidly scale machine-learned behaviour detection from small projects to full enterprise deployments.
To help organizations address new and unknown threats, the Aruba 360 Secure Fabric offers security and IT teams an integrated way to quickly detect and respond to advanced cyber attacks from pre-authorization to post-authorization across multi-vendor infrastructures, supporting enterprises of all sizes.
Components of the Aruba 360 Secure Fabric include the following:
· Aruba IntroSpect UEBA solution: A new network-agnostic family of continuous monitoring and advanced attack detection software. Includes a new entry-level edition and uses machine learning to detect changes in user and device behaviour that can indicate attacks that have evaded traditional security defenses. Machine-learning algorithms generate a Risk Score based on the severity of an attack to speed up incident investigations for security teams.
· Aruba ClearPass: A proven network access control (NAC) and policy management security solution that can profile BYOD and IoT users and devices, enabling automated attack response, is now integrated with Aruba IntroSpect. ClearPass can also be deployed on any vendor’s network.
· Aruba Secure Core: Essential security capabilities embedded in the foundation across all of Aruba’s Wi-Fi access points, wireless controllers, and switches, including the recently introduced Aruba 8400 campus core and aggregation switch.
Aruba IntroSpect Standard joins the IntroSpect UEBA family, along with new features added to the company’s flagship offering, Aruba IntroSpect Advanced. The expansion of the IntroSpect UEBA family offers security teams more choice and a quick way to implement UEBA.
It ingests common data sources including Microsoft Active Directory or other LDAP authentication records and identity information, and firewall logs from sources such as Checkpoint, Palo Alto Networks or Aruba monitoring (AMON) logs from Aruba infrastructure. Action can be taken quickly using ClearPass to quarantine, restrict, or remove identified threats. It delivers a wider set of security capabilities than IntroSpect Standard to provide attack detection by correlating across a broader array of data sources, aiding in faster incident investigation and improved threat-hunting, search, and deep forensics.
For more details, new features for Aruba IntroSpect Advanced are given below:
· Smarter Security with Dynamic Machine Learning, which allows security teams to easily customize IntroSpect’s analytical models based on the current threat environment and protection priorities. Included is “chaining”, in which the 100+ out-of-the box machine learning models can be linked together to construct new detection scenarios and associated risk scores.
· Classifying Mobile, Cloud, and IoT with Device Peer Grouping, which utilizes the ClearPass profiling functionality to group like devices even when known only by their IP address. For example, ClearPass will classify a surveillance camera or a factory sensor, and IntroSpect will benchmark its behaviour amongst its peer group. Introspect will flag unusual device behavior based on peer group comparisons, which is important in extending UEBA functionality to the growing classes of IoT devices.
· Faster Remediation with Integrated Attack Response, enabling security analysts to respond to an attack by triggering an action for ClearPass directly from the IntroSpect console.
Speaking on the same customer Faramarz Mahdavi, Senior Group Director of IT Operations, Cadence Design Systems, said, “By adding Aruba IntroSpect UEBA analytics and threat detection capabilities, we will be able to better protect our source code by automating anomaly detection and prioritizing security incidents for faster resolution. The combination of ClearPass and IntroSpect gives us a powerful, congruent solution to proactively manage and defend our organization from cyber attacks.”
The Aruba 360 Security Exchange Program combines the partners and technical resources from the IntroSpect Technology Program and the Aruba ClearPass Exchange Program. The result is more than 100 leading security and infrastructure solutions that customers and channel partners can leverage for simple, validated interoperability, enabling quick and trusted deployments. Aruba customers can leverage their existing security investments by seamlessly integrating them with Aruba solutions, providing the benefits of a unified solution with the flexibility of an open architecture.
Commention on this partner, Tom Barsi, Corporate and Business Development, Carbon Black, said, “Our integration improves overall security for enterprises by combining event data and network data to provide a more detailed view on user and device behaviour – a long-term, machine-learning view leading to quicker, better decisions. Further, integration with ClearPass ensures corrupted assets are quarantined or booted in an automated fashion – improving security and limiting risk.”
The Aruba IntroSpect Standard and Advanced editions are generally available now in North America, with limited availability in select countries. Global general availability is planned for 2018.
Tags: Aruba, network security framework, Aruba 360 Secure Fabric, hewlett packard enterprise, hpe, Aruba IntroSpect UEBA solution, Aruba ClearPass, Aruba Secure Core, Aruba IntroSpect Standard, varindia
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.