Aruba, a Hewlett Packard Enterprise company, has announced two new offerings to help enterprise customers simplify the adoption of IoT.
First, Aruba ClearPass Device Insight delivers a single pane of glass for device visibility employing automated device discovery, machine learning (ML) based fingerprinting and identification. Additionally, Aruba introduced the Aruba 530 and 550 Series access points, an extension to the industry’s most advanced family of 802.11ax (Wi-Fi 6) IoT-ready access points. Together, these solutions allow enterprises to remove IoT security and connectivity barriers, while decreasing associated operational costs and complexities.
When addressing their IoT strategies, organisations globally are faced with new security and connectivity challenges. There are more than 14 million new connected devices being added to the network every day. The explosion of these vastly different and unpredictable device types renders manual device profiling techniques inadequate and makes automation a key requirement for securing IoT. To add to the complexity, many IoT devices are often connected to disparate overlay networks that typically support only one type of connectivity, such as Wi-Fi, Bluetooth or Zigbee.
IoT Security Starts with Visibility: AI-powered Device Discovery and Profiling
Aruba’s new ClearPass Device Insight uses machine learning and crowdsourcing to automate the discovery and fingerprinting of all connected devices and IoT devices on any wired or Wi-Fi network – regardless of vendor. Advanced technology from Aruba’s Data Science Laboratory leverages custom-built deep packet inspection (DPI) to create behavioral profiles that enable precision fingerprinting. ClearPass Device Insight’s cloud delivery platform leverages shared community learnings to identify newly-introduced devices. Used with Aruba ClearPass Policy Manager and Aruba’s Dynamic Segmentation security capabilities, IT teams can automate authentication and policy enforcement down to the device and user level, applying different access policies or rules based on the role designated for the device. If any device exhibits abnormal behavior, ClearPass can automatically quarantine or remove it from the network.
According to Gartner, “line of business, operational technology and building automation networks that were historically air-gapped are converging onto the enterprise infrastructure, adding more IoT devices and more attack opportunities².” Aruba’s closed-loop approach eliminates blind spots and provides IT teams with an automated and intelligent security solution for visibility into this massive volume and variety of devices to the corporate network, often without IT oversight. Comprehensive details about each device, including manufacturer, device location, ports and protocols used, application destinations and traffic volume are all available on ClearPass’ single-pane-of-glass management platform for complete IoT visibility and control.
“Being able to easily identify the growing number of wired and wireless IoT device types on our network, without interfering with sensitive medical equipment, is critical to our security and compliance goals,” said Kevin Rothstein, Network Engineer, Sharp Healthcare. “We are evaluating Aruba’s ClearPass Device Insight to help us discover and fingerprint all connected devices on a large scale. When integrated with ClearPass Policy Manager, we will have a powerful closed-loop policy enforcement solution down to each device.”
IoT Connectivity: Wi-Fi 6 APs as a Platform for IoT
Aruba has also expanded its portfolio of next-generation 802.11ax IoT-ready access points to address growing wireless performance requirements as well as accelerate the adoption of IoT solutions. When organizations consolidate multiple networks onto a single, converged infrastructure, IT teams can reduce complexity and improve return on investment when executing their IoT strategy. A converged network simplifies IoT onboarding through automated endpoint discovery and provides a common policy framework for mobile devices, users and things.
Like the 510 Series announced in November 2018, the new 530 and 550 Series APs eliminate the need for IoT gateways and the resulting complicated network management requirements, allowing IT teams to easily connect a diverse set of IoT devices and sensors that utilise different protocols. The support of Wi-Fi, Bluetooth 5 and Zigbee protocols on the new APs allow organisations to connect with 74% of today’s IoT devices.
“As a leading producer of baked goods for the quick service restaurant and C-store industry in the U.S. and 20 countries globally, we have a strong need to simplify connectivity for our growing set of wireless IoT devices, from inventory sensors to handheld scanners,” said Eric Spille, Manager of Technical Services for The Bama Companies. “Aruba’s new Wi-Fi 6 access points with integrated Bluetooth 5 and Zigbee will provide us with a converged platform for IoT which could greatly reduce the complexity and cost of managing multiple networks and infrastructure appliances.”
An added benefit of the 530 and 550 Series AP is that Wi-Fi 6 offers improved battery life for battery powered IoT devices. The protocol allows IoT devices to remain inactive until data needs to be transmitted. As a result, battery powered IoT devices realise a significant power savings, reducing the maintenance windows for IT staff. The efficiency improvements in Wi-Fi 6 amount to a faster performing and more efficient infrastructure as well as an enhanced experience for all the clients on the network.
Pricing and Availability
ClearPass Device Insight will begin initial customer shipments in April 2019 with a one year subscription cost starting at $1,260 USD for 100 devices. The Aruba 530 and 550 Series AP will be available in April 2019. The base US list price is $1,495 for the 530 Series and $1,895 for the 550 Series.
Channel Partner and Industry Analyst Quotes
“Pervasive enterprise digital transformation efforts are dramatically expanding the attack surface, leading organizations to face even more cybersecurity challenges than ever before,” said Bill Buckalew, Vice President of Partner Sales for Optiv. “Technologies such as Aruba’s ClearPass Device Insight, which automates device discovery and fingerprinting across the entire infrastructure, are an important component of an inside-out approach, which starts with the core requirement of every enterprise – risk mitigation – and builds out from there with customized strategy, infrastructure rationalisation and operations optimization, ongoing measurement and communication. With a risk-centric foundation in place, enterprises can close vulnerability gaps and respond to new threats in a proactive, systematic way. We look forward to further expanding our partnership and achieving continued significant growth with Aruba this year and beyond.”
“Our customers are struggling to manage huge volumes of connected devices, with new devices being added to the network daily,” said Wally Alicea, Senior Solutions Architect at Integration Partners. “We see this in large educational institutions, where they have a large set of student and faculty devices being combined onto the same infrastructure with building sensors and connected educational tools. Aruba’s ClearPass Device Insight helps IT staff manage this device growth in a more secure and compliant way by automating discovery and profiling and then linking that to a security policy that takes into account every single connected device.”
 Tim Zimmerman, Barika Pace, IoT Solutions Can't Be Trusted and Must Be Separated From the Enterprise Network to Reduce Risk (Gartner, May 14, 2018, ID# G00352858)