SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Aruba introduces integrated SD-WAN, LAN and security solution
Tue, 19th Jun 2018
FYI, this story is more than a year old

Aruba, a Hewlett Packard Enterprise company, today announced its Software-Defined Branch (SD-Branch) solution, a new approach designed to help customers modernise branch networks for evolving cloud, IoT and mobility requirements.

The integration of new cloud-managed SD-WAN, wired and wireless networking solutions, secured with context-based policy enforcement, significantly advances IT professionals' ability to deliver improved network availability and application performance, while dramatically reducing management time and operational and capital expenditures.

The influx of mobile and IoT devices, greater reliance on cloud-based applications, and shrinking IT budgets are having a profound impact on IT organisations.

Branch operators also face increased complexity and inefficiencies with a multiplicity of different tools for managing the network and security from different vendors.

Aruba's SD-Branch solution integrates new Aruba Branch Gateways with Aruba's Aruba Central cloud management platform to provide a single point for SD-WAN, wired and wireless networking and policy enforcement, and to deliver secure, simplified branch connectivity at scale.

This purpose-built, unified solution marks a significant advancement beyond pure-play SD-WAN offerings by delivering reduced device footprint, streamlined deployment of large-scale distributed installations, and lower WAN connectivity costs for branch customers.

Key benefits of the Aruba SD-Branch solution include simplicity at enterprise scale, integrated security, and optimised branch experience.

Simplicity at enterprise scale: Aruba Central and infrastructure enhancements

Aruba's SD-Branch solution enables IT organisations to effectively manage more branch locations with less staff while leveraging a consistent approach for security and compliance across locations.

By integrating and centralising management while eliminating costly MPLS connectivity, customers can realize savings up to 75% as compared to traditional deployments.

Aruba Central has new SD-WAN support to provide automated configuration capabilities, granular visibility, and easy-to-use troubleshooting tools.

Aruba's Zero Touch Provisioning (ZTP) and intuitive mobile app for automated device onboarding, provide non-technical staff at the branch a plug-and-play experience that eliminates the need for manual onsite configuration and costly, time-consuming truck rolls.

As it continues to expand its global presence, high-end, luxury retailer Vera Wang is an organisation that is facing this challenge as it scales its operations.

Vera Wang CIO Stewart Ebrat says, “We need to get stores up and running quickly, and maximize our WAN availability and efficiency.

“Aruba's SD-WAN solution removes the burden of building out a distributed infrastructure.

Integrated security and new cloud partnerships for advanced threat protection

The rise in mobility, IoT devices and cloud-based applications in the branch requires an automated and comprehensive way of approaching security.

Aruba is uniquely positioned to provide user and device context for consistent role-based enforcement across the LAN and WAN.

Aruba ClearPass policy manager simplifies and automates how policies are applied across different layers of network and application access removing the need for time-consuming manual configurations.

Vera Wang IT manager Corey Hasberry says, “I'm excited about Aruba's edge-to-cloud vision and integrating SD-WAN functionality.

“This will help us solve our performance and deployment problems at a fraction of the cost,” he says. “Aruba's role-based security for our Wi-Fi and WAN infrastructure will help us bring a consistent experience to our employees and customers.

Additionally, all network traffic within a branch can be forwarded to the Aruba Branch Gateway for deep packet inspection using the built-in stateful firewall, which recognises flows in a network and keeps track of the state of sessions.

IT organisations can easily assign policies for specific device types to segment their traffic up to the application layer.

In a retail environment, this easily helps limit the malicious use of in-store security cameras or designate where a Point of Sale (PoS) device can send traffic.

To solve security vulnerabilities outside the branch perimeter, Aruba has expanded its Aruba 360 security exchange technology partner program with the addition of Zscaler and new integrations with Check Point Software Technologies and Palo Alto Networks.

“Security should not be an impediment as enterprises embrace cloud and mobility and transform their network to instrument direct internet breakouts," says Zscaler business and corporate development senior vice president Punit Minocha.

“Zscaler is proud to be part of Aruba's 360 security exchange technology partner program, and to offer those enterprises using Aruba's SD-Branch solution a seamless way to make security and access controls a fundamental part of their cloud transformation journeys."

These ecosystem partners provide cloud-based firewall and advanced threat protection functionality to secure organisations' sensitive traffic heading for public Internet-bound destinations.

Optimised branch experience: New Aruba Branch Gateway delivers WAN insights and control

Providing improved user experiences starts with delivering unmatched reliability.

According to Gartner, a network outage can be more than an inconvenience, and evidence shows that these can cost anywhere from $1,000 to $1,000,000 per incident in lost productivity or revenue, depending on location and enterprise use case.

By leveraging context to gain insight into the health of an entire distributed branch network – wired, wireless, and WAN - IT organisations can dynamically optimise the user experience in real-time before any impact to the business occurs.

Embedded in the new Branch Gateway, Aruba's unique context-awareness capabilities go beyond granular role-based network access and application security to deliver a Quality of Service (QoS) experience from the LAN to the WAN.

This allows IT professionals to satisfy the needs of end users while simplifying IT operations.

Additional Branch Gateway features such as policy-based routing and dynamic path selection can now leverage this contextual data and awareness to dynamically route traffic across the WAN based on user, device, or group affiliation.

For example, retail organisations can easily prioritise PoS system and video traffic versus guest traffic, while hotels can prioritise voice traffic for anyone involved with customer service.

Pricing and availability

Without having to upgrade Aruba access points or switches, IT professionals can integrate new SD-WAN capabilities into their branch networks.

Aruba's SD-Branch solution is delivered as a part of Aruba Central with subscription-based licenses applied to a branch gateway at each site and a headend gateway hosted centrally.

Hardware list prices start at US$1,495 per gateway.

Subscriptions prices start at US$450 per gateway per year.

Initial customer shipments begin in July 2018.