网络和安全:聚氨酯t It All Together

Did you ever get that feeling when you walk into a room and you can literally feel the tension between people? I do quite often as I visit customers and get into a room with security and network engineers. Sometimes they are literally sitting on opposites sides from each other.

Mind the Gap
From a traditional standpoint, security is handled by the security engineers and networking is handled by the network engineers. Most of the time those guys (or girls) have their own take on security. The security engineers will state that security is enforced in the firewall (their domain). The network engineers of course will argue that security is everywhere in the network.

The fun part for me is getting them to work together as a team. When you enter the discussion, both sides will turn to you and hope that you will agree with their view. That is the moment I always tell them that they are both right! That normally takes some time to sink in.

Bridge the Gap with Custom-Made NAC
As I mentioned inmy previous post,Aruba Networks has always taken its own path, regardless of the technology or product. Aruba's philosophy toward open and closed systems has always been the former: open systems. Most other vendors have a closed system approach regarding security and networking. In Aruba's mind, open is the new closed. In many cases, an open approach is a big plus.

In the interest of time, I will limit myself by only explaining how this relates toAruba ClearPass Policy Manager.However, the open approach is embedded in most Aruba products.

由于开放方法，ClearPass策略管理器是一个多用户产品。它与阿鲁巴产品有关，但它也可以与市场上的大多数其他供应商和/或产品集成。

Moreover, you should not limit your integration of ClearPass Policy Managerwith only networking or security products. Widen your scope. Enterprise mobility management software, HVAC systems,access control systems or Hue lights—you name it—they will most likely be able to integrate with ClearPass Policy Manager. You can even go crazy. Make an integration with a weather service, and present everyone with an ice cream splash page when the temperature reaches 80 degrees.

Most ClearPass Policy Manager deployments are in brownfield networks, with many products from different vendors already installed. From a customer’s perspective, they have already invested time and money into their network. So why not use these products to create a tailor-made network access control (NAC) solution? Being a NAC solution, ClearPass Policy Manager is deployed on that boundary, in Aruba’s sweet spot between networking and security.

现在让我们回到前面提到的那个团队部分。所有这些产品和解决方案都已到位，由坐在该房间内的安全和网络工程师管理。当他们通过在其网络中实施和集成清除策略管理器来开始工作，他们可以创建定制的合适，从而创造putting it all together!

Learn More
More detailed information about this open approach can be found here:360 Security Exchange Program.

This blog from Jon Green, Aruba CTO:“Lock Down Your Wired Network to Mitigate Insider Threat,”is another great example of why security and network engineers should work together to secure the wired network.

An entertaining podcast can be found here:“When Security and Networking Join Forces”starring Michael Dickman, Aruba VP of product management as the networking guy, Jon Green as the security guy.

My next post will be about learning new skills, where I will write about the challenges for network engineers in today’s networks, and the need to learn new skills.

See my first blog in the series:
HPN and Aruba: A Match Made in Heaven