Aruba Networks today announced that it has developed the first on-demand security solution that lets companies and educational institutions automatically secure and ensure the integrity unmanaged client devices that connect to the network.
Aruba's new Client Integrity module, part of the ArubaOS suite of application software, uniquely integrates Sygate Technologies' On-Demand Agent (SODA) with Aruba's stateful policy firewall.
With Aruba's system, organisations can now detect and quarantine infected or misconfigured devices attempting to access the network without administrators having to install software on alien devices. Security threats from unknown devices are eliminated in a way that is seamless to the user while not impacting the existing network.
How Network-Based, On-Demand Security Works
When a guest or unmanaged device attempts to connect to the network, Aruba's systems can now automatically serve a non-intrusive agent directly from the mobility controller to the client. This temporary agent scans the device based on pre-defined integrity policies defined by the administrator.
If the device passes integrity checks, the requisite access privileges are provided through Aruba's stateful policy firewall. If the device fails, the Aruba system can be programmed to deny access or place the user into a quarantined state with restricted access only to specific remediation servers.
"Aruba is leveraging their stateful policy engine inside its system with best-of-breed client integrity software to add value to enterprises looking to solve a real problem without having to deploy a separate system or install software on clients they don't control," said Aaron Vance, senior analyst at Synergy Research Group. "This is a really clever approach that is unique and simple."
Increasingly organisations are being forced to provide network access to unmanaged devices, such as laptops carried by guests or contractors or personal laptops or PDAs carried by students. However major concerns exist about the spread of viruses, worms, and other malware through these devices that cannot be controlled.
Aruba's on-demand protection solves these problems by ensuring compliance with security policies to prevent unauthorised data transfer and protect confidential information by working with Aruba's mobility controllers to automatically enforce integrity checks that are performed on suspect clients.
Unlike other discrete solutions that require companies to purchase, deploy and manage everything separately, Aruba become the first and only company to integrate client integrity directly into its mobility system. This makes it easier for companies to administer, eliminates manual installation of client software and provides a more robust solution that inextricably ties client integrity security with network system operations.
Within Aruba's mobility systems, companies and educational institutions now have the most advanced and comprehensive set of security capabilities available anywhere. These include universal authentication, centralized encryption, identity-based stateful firewalls, wireless intrusion prevention and now best-of-breed end point integrity.
Aruba's Client Integrity Module
Companies have traditionally combined perimeter defence security with endpoint software on client machines to secure devices connecting to the networks. Aruba's Client Integrity Module advanced the state of enterprise security by delivering network-based protection on-demand for corporations. Aruba's Client Integrity Module uniquely advanced security features such as:
- Client-integrity scanning that protects unmanaged devices from compromising network security
- Browser cache and file cleaning that ensures data downloaded to third-party devices is completely removed
- Malicious code scanning to protect against potential security breaches
- Virtual user sessions that create a secure encrypted environment on the endpoint to enable users to download confidential data into a virtual environment
- Remediation mechanisms that automatically quarantine non-compliant devices into areas where they can be brought into compliance with pre-defined policies.
Aruba's Client Integrity module, available immediately as part of the ArubaOS suite of mobility applications.