Aruba Edges up to SASE

Digitalpadlock 1

By: R. Scott Raynovich

The Aruba subsidiary of Hewlett Packard Enterprise (NYSE: HPE) this week rolled out a number of security enhancements to its Aruba Edge Service Platform (ESP), in a move meant to further consolidate Aruba's management of remote access, Internet of Things (IoT), and emerging 5G applications at the network edge.

Aruba’s ESP was introduced last June as a cloud-native edge platform equipped with artificial intelligence (AI) to monitor and manage wired, wireless, and SD-WAN environments. One of the portfolio products, Aruba EdgeConnect SD-WAN (the technology HPE gained with its purchase of SD-WAN vendor Silver Peak last year) is positioned nicely as technology that can adopt more security features as part of a secure access service edge (SASE) solution. And as Futuriom has detailed, that calls for a range of security functions, which Aruba seems to deliver with this release.

"People are struggling to manage their whole infrastructure -- wired, wireless, all the connection points," Paul Kaspian, Senior Product and Solutions Marketing Manager, Aruba, told us in an interview recently. "Security is something we are embedded in here at Aruba. This is an extension of the architecture."

EdgeConnect Gets More Security

First, and perhaps most importantly, the vendor has integrated Aruba EdgeConnect SD-WAN with Aruba’s ClearPass Policy Manager. This unites the integration with SD-WAN required for a secure edge with two other SASE prerequisites — zero-trust security based on user or endpoint attributes, not IP addresses; and distributed policy enforcement and inspection, thanks to ClearPass’s dynamic network segmentation in response to security intelligence.

The EdgeConnect SD-WAN integration has another layer — the ability to track and integrate the services of third parties such as Check Point, Forcepoint, McAfee, Netskope, Palo Alto Networks, Symantec, and Zscaler through the Aruba Orchestrator management console, formerly the Silver Peak Unity Orchestrator. In the future, other third-party vendors will be added to the ecosystem.

Aruba also has integrated the EdgeConnect SD-WAN edge platform with its Aruba Threat Defense firewall. This allows threats to be identified and monitored throughout a system of branch offices or edge devices via Aruba Central, the ESP platform management console.

Aruba’s Ultimate Edge Strategy

It's clear what Aruba is trying to do here -- integrate more of Aruba's native security features into EdgeConnect for SD-WAN, while at the same time maintaining the capability for customers to add third-party security apps for a best-of-breed approach.

Aruba’s enhancements to ESP can sound complex. But the main message is simple: Aruba aims to consolidate as much technological heft as it can into intelligent edge services. It’s a strategy that recognizes that networking and security are unified in today’s digital networks, and that remote “work from anywhere” policies along with sophisticated IoT and industrial IoT will carry the day as 5G emerges. This is the message behind the momentum in the SASE market, which describes a trend of integration of network and security services.

It’s also a strategy that puts Aruba even more in competition with any vendor involved in switching — Juniper (JNPR), Cisco (CSCO), Arista (ANET) — as well as firewall suppliers such as Fortinet (FTNT), not to mention SASE vendors like Cato Networks and even the leading cloud providers, who see integration with 5G services as essential to their future.

But Aruba, and its parent HPE, are confident that a long-term "global edge to cloud platform-as-a-service” strategy is the way forward. And Aruba has a couple of interesting differentiators. One is the company’s early start on secure edge. Even before the Silver Peak acquisition, Aruba augmented a series of branch gateways with zero-trust security features.

"Aruba provides edge-to-cloud security," said Kaspian. "We are moving the capabilities forward at the edge."

Aruba has also been prescient in bringing its secure wireless solutions, including wireless clients such as the Virtual Intranet Access Client (VIA) and Remote Access Points (RAPs) under the ESP umbrella. As 5G emerges, this could be a selling point.

Overall, this week’s announcements are a net positive for Aruba. They solidify the company’s commitment to unifying networking technologies with cloud and SD-WAN security. That’s a winning formula.