HPE Aruba weaves new fabric for analytics-driven IoT security
HPE Aruba weaves new fabric for analytics-driven IoT security

HPE Aruba weaves new fabric for analytics-driven IoT security

HPE Aruba executives say the company has aligned its latest software layers to be more specifically engineered to address security concerns in the IoT.

Hewlett Packard Enterprise (HPE) networking and communications products company Aruba has updated its stack with a product labelled as the 360 Secure Fabric.

This ‘fabric’ (or security software framework architecture plus associated and connected application services and functions) is supposed to provide analytics-driven attack detection and response.

Where many security software layers have (until now) been focused on user behavior analysis, the IoT necessitates that admins also analyze the behavior and status of devices. In response, the company says it is innovating in user and entity behavioral analytics (‘UEBA’) and expanding its IntroSpect product family to reflect new needs.

According to Aruba spokespeople, the 360 Secure Fabric offers security teams an integrated way to detect and respond to advanced cyberattacks from pre-authorisation to post-authorisation across multi-vendor infrastructures.

The product uses machine-learning to spot attacks before they do damage, in tandem with raising the alarm for IT to further secure the network across all mobile, cloud and IoT-related devices.

Read more: IoT is heading for mass adoption by 2019, says Aruba

Partner power

The technology combines the resources and endpoint technology engineering expertise of over 100 partners (including Palo Alto Networks, McAfee and MobileIron) to create an interoperable platform for any network deployment use case.

“As traditional security perimeters dissolve rapidly with the adoption of mobile, cloud and IoT, delivering secure endpoint protection regardless of a user’s location and device is paramount in the fight against cybercrime,” said D.J. Long, head of the McAfee Security Innovation Alliance.

“We are very happy to see the integrated platform of Aruba 360 Secure Fabric working jointly with the McAfee portfolio of security products, sharing threat intelligence and workflow policies, increasing the efficiency and efficacy of security protection for mutual customers.”

Read more: Aruba releases new IoT products for large campus deployments

The sum of its parts

Components of the 360 Secure Fabric include the following:

  • Aruba IntroSpect UEBA solution: A network-agnostic family of continuous monitoring and attack detection software that includes a new entry-level edition and uses machine learning to detect changes in user and device behavior that can indicate attacks. Machine-learning algorithms generate a risk score based on the severity of an attack to speed up incident investigations for security teams.
  • Aruba ClearPass: A network access control (NAC) and policy management security product that can profile BYOD and IoT users and devices, enabling automated attack response – this technology is now integrated with Aruba IntroSpect.
  • Aruba Secure Core: Security capabilities embedded in the foundation across all of Aruba’s Wi-Fi access points, wireless controllers and switches, including the new Aruba 8400 campus core and aggregation switch.

Read more: Confusion around IoT hampers adoption in EMEA, says Aruba

Aruba strategy appears connected

The company’s efforts have been steering in this direction for some time now. Even before its acquisition by HPE back in 2015, we saw it start to extend new layers of AI and wider device-centric engineering into its product line. A big brand in its own right (and one that has kept its own name post-acquisition), Aruba is now benefiting from its own ‘internal acquisition’ of HP’s pre-existing network business.

This fact was confirmed by now-retired president and CEO Dominic Orr, who oversaw what has been a largely harmonious acquisition and transition. As UEBA machine learning security now becomes part of the wider fabric of the way we build the IoT, we will need attack detection technologies capable of correlating information across a broader array of data sources for threat-hunting, search and forensics – and this is indeed what Aruba has created.

My wife’s gone to the Caribbean on holiday this year. Jamaica? No Aruba… and yes, she went of her own accord.

Coming soon: Our IoT Build events, taking place in London in November 2017 and San Francisco in March 2018 are a great opportunity for attendees to explore the platforms, architectures, applications and connectivity that comprise the IoT ecosystem.