VP Jon Green’s Five Boldest Statements On Aruba Security At Atmosphere 2019
Is Aruba A Security Company? ‘Absolutely Yes’
Aruba Networks is a well-known networking and wireless provider, but the company also wants to be known as a security player.
At Aruba Atmosphere 2019 in Las Vegas, Jon Green, Aruba's vice president and chief security technologist, took the stage to talk about how networking and security go hand in hand. Aruba is leveraging its domain expertise in networking to overcome security challenges for businesses today.
Among other strong statements, Green pledged to an audience of channel partners and end customers that they can expect more from Aruba as the company has plans to expand into the security market. Here are five bold declarations from Green at Atmosphere 2019.
A Combination Of Networking And Security
"Yes, we do think of ourselves as a security company," Green said. "To the greatest extent possible, we will continue to build in security and we will be expanding our footprint in the security market in addition to networking."
Partners know that Aruba does more than just Wi-Fi and networking, but many customers are asking if Aruba is a security company, and that answer is yes, Green said. It's a question that Aruba often asks itself internally, too, he added. The bottom line is that Aruba is a networking company with a very strong foundation in security. The company believes that security should be built right into network infrastructure, he said.
Is Zero Trust The End Of Network Access Control?
"We do care about who is connecting to the network," he said. "We have devices we don’t necessarily trust. Not trusting the network means I'm essentially shifting that trust to the device, and there is a whole range of things we still have to handle out there, like IoT, that don’t fit into the ‘zero trust’ world. I actually think these two frameworks are very complementary. A zero trust framework and network access control— those go together very well."
There are countless vendors selling zero trust products today, but it's hard for customers to figure out what it means. The definition of zero trust networking, Green said, is services can be accessed on the network but it doesn’t depend on where the user is connected. One of the common questions around zero trust is that it will make network access control obsolete, and that's not the case, Green said. One will not cancel out the other.
Authentication, Authorization, Enforcement
"I've been saying the same message for years,” Green said. “Aruba was founded on the idea of different types of users and different devices, with wildly different security characteristics, all sharing the same infrastructure and doing it in a safe way. It's not new, but with the influx of IoT security has become much more important."
Aruba ClearPass has four missions in life: determining who and what is on the network, authentication, authorization and enforcement, according to Green. Traditional profiling techniques are struggling as IoT devices join the network. That's why Aruba introduced ClearPass Device Insight Tuesday, which uses machine learning to automatically discover and fingerprint all connected devices and IoT endpoints across any wired and Wi-Fi network, regardless of vendor. Cloud-hosted ClearPass Device Insight gives users a single vantage point for all endpoints connected to their network, including typical devices such as workstations or iPhones, or more "exotic" devices, such as barcode scanners or medical devices, partners told CRN.
What is Adaptive Trust?
"Access is subject to change. Just because I let you on the network five minutes or five hours ago doesn’t mean I still want you there."
Aruba's approach to zero trust can better be described as adaptive trust, Green explained. Adaptive trust says the services you can access don't depend on which network you connect from, except where you have to because it’s a device that doesn't fit into the framework. It also says that all access of services must be authenticated and encrypted, except where you can't and have no choice, so it must be limited and controlled. The last piece is around continuously monitoring access, which lets IT see elevated risk around devices or users that may have joined the network already but may not need access anymore or may even be behaving badly, Green said.
"We realize a lot of you have existing third-party security tools in place, and we want to work with those just as well," Green said.
Aruba has more than 150 integrated partners within its 360 Security Exchange Program, a program for partners that have developed security and operations features that integrate with Aruba ClearPass, Green said. Integration is done via API, which isn't a lot of work for partners, but the more context into ClearPass the better, he said.