
A SIEM in Every Switch: Aruba’s Zero Trust Strategy

By Jennifer Minella, VP of Engineering and Security, Carolina Advanced Digital

Zero Trust Security was a big topic at Aruba #ATM Digital, and it’s not surprising. We’re in an era of heavy data privacy regulations and mounting concerns of both insider and external attacks.

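I was fortunate to have participated in the Networking Field Day Experience at ATM Digital, and so was able to ask some probing questions during the presentations. When the security session led by Aruba product managers and systems engineers brought up phrases like “full traffic visibility,” “risk scoring,” and “behavioral attributes,” bells went off. However, there wasn’t any direct mention of Aruba IntroSpect, its user and entity behavior analytics (UEBA) and network traffic analytics (NTA) product.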

It sounded like all of the juicy goodness of IntroSpect was integrated into Aruba's Zero Trust Security approach, including its profiling engine (ClearPass Device Insight), NAC (ClearPass Policy Manager), and dynamic segmentation components.

Impact on Customers

What does this mean for customers? The overall strategy of Aruba ESP (Edge Services Platform) doesn't mean less operational overhead, but a fully integrated security solution that permeates the entire network—wired and wireless, centralized and remote.

The power of behavioral analytics overlaid on traditional profiling and NAC solutions, combined with granular access policies and dynamic segmentation, means customers are one step closer to a solution set that will actually deliver on the promises of micro-segmentation and the granular controls required by today's complex, sprawling, and IoT-laden networks.

A More Technical Look

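Terms like “Zero Trust networking” can be a bit buzzwordy, so let’s look at an example of why I’m so optimistic about this integration. UEBA and NTA solutions (such as IntroSpect) rely on full network visibility, specifically through things like SPAN/TAP ports on the network that send traffic to a collector or aggregation point. (In fact, with Aruba’s new architecture, the network devices themselves can act as collectors, but that’s a blog for another day.)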

Having full visibility of what every endpoint is doing, what it’s communicating with, how, where, and when is extremely powerful. It’s SIEM-powerful. It’s UEBA-powerful. It’s Master of the Universe-powerful.

As an immediate use, this data is an immense help when it comes to tasks like discovering and identifying users and devices on the network, specifically with device profiling. As someone who’s worked with NAC technologies for more than 15 years, I’ll share with you that while manufacturers do a great job with marketing fluff and demos that show you how easy and wonderful network visibility and profiling is – the truth is that profiling is the hardest, messiest, least accurate, and most time-consuming part of a NAC or segmentation project.

And it’s garbage-in-garbage-out. If you skimp on the profiling effort, you’ve just knocked your security posture down several notches. The ability of a network to add the context of traffic and data flows with other profiling methods is huge and it is one area customers will notice a marked difference if this product suite works as advertised. That’s just one example.

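Looking ahead, integrating security into the network ultimately also has the ability to feed AIOps capabilities for automation of network operations. Imagine automating better traffic paths and QoS more dynamically. It's reminiscent of SDN, but without the extra mess and fuss.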

What to Expect

Aruba’s new ESP platform and Zero Trust Security strategy certainly feels like a big step in the right direction, and out of all the announcements from #ATMDigital, I think this has the potential to be one of the most impactful to organizations seeking to improve their security posture through thoughtful and meaningful network visibility and control.

The proof though will be in the customer outcomes. Demos don't necessarily show all the complexity or limitations of a product. But having seen these solutions a la carte already, I'm optimistic and very eager to see this suite in action!

Watch ATM Digital sessions on AIOps, Unified Infrastructure, and Zero Trust Security.

See more highlights from this year's ATM Digital.
