HPE Adds Niara to Enhance Intelligent Edge Protection

Today, I am excited to announce that HPE Aruba has acquired Niara, a leader in the developing User and Entity Behavior Analytics (UEBA) market space, to help our customers detect and protect themselves against advanced cyber-attacks that have penetrated their perimeter defenses.

Niara is a leader in this new category of products that employ machine learning and big-data analytics on enterprise packet streams and log streams to discover these advanced attacks.

NIARA解决方案自动在全球范围内为整个企业的所有用户和设备建立基线特征。建立基线后，该软件积极寻找异常的，不一致的活动，可能表明安全威胁。由于机器学习的力量，可以在不到一分钟的时间内在不到一分钟内进行四分钟的单击，调查可能每次使用传统手动流程最多需要25个小时的个人安全事件。

通过将Niara的行为分析技术与我们的Clearpass政策经理，我们现在可以为客户提供行业最先进的威胁检测和预防解决方案，以在有线和无线环境以及物联网（IoT）设备中为网络安全提供。

我们期待通过ClearPass Exchange计划将这种新形式的威胁情报形式带给我们的客户和技术合作伙伴。

Niara与Aruba的深层根源可实现更严格的安全集成

In addition to adding a new next-generation tool to our ClearPass security arsenal, today's acquisition is also exciting at a personal level, as we welcome back old friends who were part of the Aruba team in the early days and contributed greatly to our market success.

Niara联合创始人Sriram Ramachandran（首席执行官）和Prasad Palkar（工程副总裁）以及其他几位工程师都将返回Aruba。该团队在当前的Arubaos操作系统中开发了核心技术，包括身份验证，加密，深包检查等。

As a result, the Niara team is very familiar with our customers' networks and have designed their next-gen security solution to augment these capabilities in order to create a better-together combination.

We are thrilled to welcome the entire Niara team back to the HPE Aruba family.

How does Niara fit into HPE Aruba?

Anyone that has followed Aruba over the last 15 years knows that security has always been front and center of our differentiation. Early on, we focused deeply on security, as that was the number one concern cited by most enterprises when asked about their adoption of Wi-Fi technology in the enterprise.

That has not changed. Today, security is still our customer's number one concern, especially with the mass adoption of IoT devices that have, or will, connect to wired and wireless networks.

In 2002, as wireless technologies were in the early stages of adoption, authentication and encryption were the key requirements to secure the airwaves and standards. In response, we helped develop the Wi-Fi Protected Access 2 (WPA2) industry standard protocol. But we went further than others to protect our customers' networks.

Aruba的区别在于我们如何实现WPA2无线标准。我们使用了WPA2中内置的IEEE 802.1X身份验证来启用以用户为中心的基于角色的访问模型，因此企业可以基于其组织结构实施策略，而不是使用VLANS等抽象网络构造来代表策略。

We also centralized the gold-standard AES encryption in WPA2 to secure traffic, not only over the air, but also across the wire, to protect confidential information. Additionally, we embedded a full-stateful firewall for good measure, so customers could enforce application-level policies directly to user traffic.

Wi-Fi网络的这种安全集成水平是闻所未闻的和革命性的。

This initial innovation of role-based access has now evolved into a market known as Network Access Control (NAC). The idea is to apply access control policies based not only on a user's role, but also on other related contexts such as their device's health, and other contextual information, including time of day, physical location, etc.

随着该能力的市场扩大，客户要求将此功能作为软件提供，他们可以应用于现有的网络硬件，包括来自竞争对手的硬件。作为回应，我们为NAC创建了ClearPass产品线。

ClearPass in now recognized in the industry as the most scalable, multi-vendor NAC platform. Its policy management, guest access, BYOD onboarding, advanced device health checking capabilities have won the confidence of many global enterprises.

在我们的客户部署ClearPass以保护其内部网络访问之后，他们提出了下一个逻辑问题：允许设备连接到我的网络后会发生什么？在设备在网络上后，我们可以提供有关在自动化后发生的情况的可见性吗？

如今，大多数网络只允许流量在网络上的那一刻源和目的地之间自由流动。内部控件（例如访问控制列表）用于保护某些类型的流量，而另一些则可以自由流动。

更重要的是，没有分析这些流量来检测已经渗透到周边安全系统的高级攻击，并积极寻求弱点以在室内网络上利用。

It's no small wonder that today, the mean time to discover an attack is not measured in minutes or even days, but in weeks and months.

创新以减轻下一代安全威胁

减少发现攻击的时间是Niara提出解决的问题的核心。该团队在分析数据包流以及将网络和安全策略应用于这些流方面具有深厚的专业知识。他们扩展了专业知识，以将高级机器学习算法应用于网络内的数据包流 - 由于分析数据包流生成的数据量从未尝试过。

But the singular reason they pursued this difficult problem was the realization that packets always reveal the truth. By analyzing packet streams from a security perspective, you could get to the source of attacks that are already inside your network. They then added log stream analysis to create a complete end-to-end picture of a developing attack and deliver an advanced threat detection and analysis system built on modern scale-out architectural principles.

I got to appreciate the security challenges a company faces firsthand as a board member when Aruba was an independently traded public company on the NASDAQ stock exchange. As we considered our range of responses and measures that were needed to protect our enterprise, we soon understood that responding to post-breach attacks was a very reactive approach.

我们需要一种更积极的方法来寻找可能已经进入网络并使用执法工具将其关闭的威胁。我们拥有带有ClearPass的执法工具。我们需要一种威胁狩猎工具，该工具将在网络上浮出水面的潜在威胁。

由于这一经验，Niara的价值主张与我的许多客户一样，引起了我的共鸣，我渴望与我们的HPE Aruba客户分享这种一流的技术。